Copyrighted Material
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Webrtc and XMPP
webRTC and XMPP Philipp Hancke, XMPP Summit 2013 What is this webRTC thing … …and why should XMPP developers care? . I assume you know what XMPP is… . … you might have heard of Jingle . the XMPP framework for establishing P2P sessions . used for VoIP, filesharing, … . … you might have also heard about this webRTC thing . doing VoIP in the browser . without plugins . „no more flash“ . Do you want to know how it relates to XMPP ? Philipp Hancke © ESTOS GmbH 2013 2 What is webRTC? . P2P sessions between browsers . no servers involved in media transfer . using open standards . Javascript API in the browser . also an BSD-licensed C++ library from Google . Want to know more? . Listen to the evangelists! . Justin Uberti http://www.youtube.com/watch?v=E8C8ouiXHHk . Jose de Castro http://vimeo.com/52510068 . Cullen Jennings http://vimeo.com/cullenfluffyjennings/rtcwebexplained Philipp Hancke © ESTOS GmbH 2013 3 Initiating P2P sessions . initiate a P2P session between two browsers . negotiate media codecs, NAT traversal, etc . media is sent P2P . you need a session initiation protocol . SIP? . JSEP? . H.323? . Jingle! . webRTC does not mandate a signalling protocol . WG decision Philipp Hancke © ESTOS GmbH 2013 4 Call Flow - JSEP Philipp Hancke © ESTOS GmbH 2013 5 Jingle . You can use Jingle as signalling protocol . together with BOSH or XMPP over websockets in the browser . Demo later . But… . webRTC uses the Session Description Protocol as an API . Jingle does not use SDP . You need a mapping SDP -> Jingle -> SDP . Complicated, but doable . Topic for breakout Philipp Hancke © ESTOS GmbH 2013 6 Call Flow - Jingle Philipp Hancke © ESTOS GmbH 2013 7 webRTC-Jingle usecases . -
Google Talk: Is It Ready for the Enterprise?
Research Publication Date: 16 April 2009 ID Number: G00166834 Google Talk: Is It Ready for the Enterprise? David Mario Smith, James Lundy This report discusses the Google Talk instant messaging product and its suitability for enterprises. This is important for companies which are looking at alternatives to IBM and Microsoft for messaging and collaboration. Key Findings • Google Talk IM is based on the Extensible Messaging and Presence Protocol (XMPP) and Jingle protocols. • To get enterprise-level support for Google Talk, companies have to purchase the full Google Apps Premier Edition (GAPE) suite. • Enterprise users are already using the Google Talk and Gmail free services. Recommendations • Enterprises making collaboration decisions should include the Google Apps portfolio as part of an effort to compare the economics of their current incumbent provider vs. similar services provisioned in the cloud. © 2009 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice. WHAT YOU NEED TO KNOW Enterprise instant messaging (IM) has emerged to become an infrastructure component in enterprises. -
A Comparison Between Inter-Asterisk Exchange Protocol and Jingle Protocol: Session Time
Engineering, Technology & Applied Science Research Vol. 6, No. 4, 2016, 1050-1055 1050 A Comparison Between Inter-Asterisk eXchange Protocol and Jingle Protocol: Session Time H. S. Haj Aliwi N. K. A. Alajmi P. Sumari K. Alieyan School of Computer Sciences Saad Al-Abdullah Academy School of Computer Sciences National Advanced IPv6 Center Universiti Sains Malaysia for Security Sciences, Kuwait Universiti Sains Malaysia Universiti Sains Malaysia [email protected] [email protected] [email protected] [email protected] Abstract—Over the last few years, many multimedia conferencing sessions. Such applications are Gtalk, Talkonaut, and Hangouts and Voice over Internet Protocol (VoIP) applications have been [7]. developed due to the use of signaling protocols in providing video, audio and text chatting services between at least two participants. II. BACKGROUND This paper compares between two widely common signaling protocols: InterAsterisk eXchange Protocol (IAX) and the extension of the eXtensible Messaging and Presence Protocol A. IAX Protocol (Jingle) in terms of delay time during call setup, call teardown, In 2004, Mark Spencer created the Inter-Asterisk eXchange and media sessions. (IAX) protocol for asterisk that performs VoIP signaling [22]. IAX is supported by a few other softswitches, (Asterisk Private Keywords-multimedia conferencing; VoIP; signaling protocols; Branch eXchange) PBX systems [23], and softphones [18]. Jingle; IAX Any type of media (Video, audio, and document conferencing) can be managed, controlled and transmitted through the I. INTRODUCTION Internet Protocol (IP) networks based on IAX protocol [25]. With the appearance of numerous multimedia conferencing IAX2 is considered to be the current version of IAX. -
XEP-0234: Jingle File Transfer
XEP-0234: Jingle File Transfer Peter Saint-Andre Lance Stout mailto:xsf@stpeter:im mailto:lance@andyet:com xmpp:peter@jabber:org xmpp:lance@lance:im http://stpeter:im/ 2019-06-19 Version 0.19.1 Status Type Short Name Deferred Standards Track jingle-ft This specification defines a Jingle application type for transferring a file from one entity to another. The protocol provides a modular framework that enables the exchange of information about the file to be transferred as well as the negotiation of parameters such as the transport to be used. Legal Copyright This XMPP Extension Protocol is copyright © 1999 – 2020 by the XMPP Standards Foundation (XSF). Permissions Permission is hereby granted, free of charge, to any person obtaining a copy of this specification (the ”Specification”), to make use of the Specification without restriction, including without limitation the rights to implement the Specification in a software program, deploy the Specification in a network service, and copy, modify, merge, publish, translate, distribute, sublicense, or sell copies of the Specifi- cation, and to permit persons to whom the Specification is furnished to do so, subject to the condition that the foregoing copyright notice and this permission notice shall be included in all copies or sub- stantial portions of the Specification. Unless separate permission is granted, modified works that are redistributed shall not contain misleading information regarding the authors, title, number, or pub- lisher of the Specification, and shall not claim endorsement of the modified works by the authors, any organization or project to which the authors belong, or the XMPP Standards Foundation. -
Listener Feedback #170
Security Now! Transcript of Episode #409 Page 1 of 40 Transcript of Episode #409 Listener Feedback #170 Description: Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. High quality (64 kbps) mp3 audio file URL: http://media.GRC.com/sn/SN-409.mp3 Quarter size (16 kbps) mp3 audio file URL: http://media.GRC.com/sn/sn-409-lq.mp3 SHOW TEASE: It's time for Security Now!. Steve Gibson is here. What a great show ahead. Questions, answers. We'll talk more about PRISM, more insight there. You've got to stay tuned. This is the show to keep your privacy and security up. Security Now! is next. Leo Laporte: This is Security Now! with Steve Gibson, Episode 409, recorded June 19th, 2013: Your questions, Steve's answers, #170. It's time for Security Now!, the post-NSA edition. Steve Gibson is here, our Explainer in Chief, the guy who does all the security and privacy and is really our guru in that realm. Hello, Steve. Good to see you. Steve Gibson: Hey, Leo. Great to be with you again. And we have largely, as expected, a follow-up to last week's blockbuster theory of how PRISM works, as I expected. Actually I probably had double the number of email that I normally pull from the mailbag, which would have only been in half of the period of time. -
Authentication and Key Management Automation In
Authentication and Key Management Automation in Decentralized Secure Email and Messaging via Low-Entropy Secrets Itzel Vazquez Sandoval∗, Arash Atashpendar∗†, Gabriele Lenzini∗ ∗SnT, University of Luxembourg †itrust consulting, Luxembourg Email: {itzel.vazquezsandoval,gabriele.lenzini}@uni.lu, [email protected] Abstract—We revisit the problem of entity authentication in management, affecting email more acutely, is intertwined with decentralized end-to-end encrypted email and secure messaging authentication and the need for automating it has been known to propose a practical and self-sustaining cryptographic solution for a long time, e.g., see (Ruoti et al., 2018). based on password-authenticated key exchange (PAKE). This not only allows users to authenticate each other via shared low- Over the years, several methods have been established to entropy secrets, e.g., memorable words, without a public key tackle authentication, and indirectly key management: man- infrastructure or a trusted third party, but it also paves the ual validation, web of trust, public key infrastructure (PKI) way for automation and a series of cryptographic enhancements; and hierarchical validation, public key directories as well as improves security by minimizing the impact of human error and server-derived public keys such as identity-based encryption potentially improves usability. First, we study a few vulnera- bilities in voice-based out-of-band authentication, in particular (IBE). The set of viable candidates becomes much smaller a combinatorial attack against lazy users, which we analyze in once we consider a decentralized setting, i.e., without a PKI the context of a secure email solution. Next, we propose solving or a trusted third party (TTP). -
Risk of Public Disclosure: Learning from Willy Wonka
Issue 20, 16 December 2014 WhiteNews Global corporate espionage news Editorial: WhiteRock Updates: All About Privacy 2 Threat: Are LinkedIn Contacts Trade Secrets? 3 News: $400 Bn Military Espionage; Code Fishing 4 News: Falcani Black List; Football Whistleblower 5 Feature: Willy Wonka’s Lessons in Espionage 6-7 Technology: Hearing Aid for Corporate Spies 8-9 Extra: FBI’s Untold Story; Spy on Your Rival 10-11 Letter From America: Spying Breakfast Club 12 Exclusive Reporting for WhiteRock’s Clients Risk of Public Disclosure: Learning from Willy Wonka Our feature story is seemingly seasonal and light-hearted, but the film ‘Charlie and the Chocolate Factory’ carries a very strong espionage message that is relevant even 50 years later. Willy Wonka was a brilliant CEO who knew that the only person who could protect his trade was himself. Wonka’s story translates superbly into today’s corporate world, and in this issue we are discussing how the contemporary big players are maintaining their edge and success over their competitors. This is equally relevant for small and medium-sized businesses, who really don’t prioritise their trade secrets, making their advantage extremely vulnerable. In the technology section we analyse the delicate matter of hearing aid systems. They’re everywhere, including in corporate meeting rooms, and nobody really considers these as a threat. We’re examining how to achieve a balance between protecting valuable corporate information without creating an embarrassing situation that in turn could lead to reputational damage! Our extra section may give you a wrong impression this time. No, we’re not teaching you how to spy, this is not our bag. -
XEP-0353: Jingle Message Initiation
XEP-0353: Jingle Message Initiation Philipp Hancke Peter Saint-Andre mailto:fippo@andyet:com mailto:xsf@stpeter:im xmpp:fippo@goodadvice:pages:de xmpp:peter@jabber:org http://stpeter:im/ 2021-03-04 Version 0.3.1 Status Type Short Name Deferred Standards Track jingle-message This specification provides a way for the initiator of a Jingle session to propose sending an invitation in an XMPP message stanza, thus taking advantage of message delivery semantics instead of sending IQ stanzas to all of the responder’s online resources or choosing a particular online resource. Legal Copyright This XMPP Extension Protocol is copyright © 1999 – 2020 by the XMPP Standards Foundation (XSF). Permissions Permission is hereby granted, free of charge, to any person obtaining a copy of this specification (the ”Specification”), to make use of the Specification without restriction, including without limitation the rights to implement the Specification in a software program, deploy the Specification in a network service, and copy, modify, merge, publish, translate, distribute, sublicense, or sell copies of the Specifi- cation, and to permit persons to whom the Specification is furnished to do so, subject to the condition that the foregoing copyright notice and this permission notice shall be included in all copies or sub- stantial portions of the Specification. Unless separate permission is granted, modified works that are redistributed shall not contain misleading information regarding the authors, title, number, or pub- lisher of the Specification, and shall not claim endorsement of the modified works by the authors, any organization or project to which the authors belong, or the XMPP Standards Foundation. -
Multi-User Jingle
Multi-User Jingle Sjoerd Simons Collabora Ltd, sponsored by NlNet LCA 2009 Multi-User Jingle XMPP protocol extension for initiating and managing multiparty voice and video conferences within an XMPP MUC using Jingle Jingle XMPP protocol extension for initiating and managing peer-to-peer media sessions between two XMPP entities XMPP I Extensible Messaging and Presence Protocol I The protocol formaly known as Jabber I XML streams I XMPP Core: RFC 3920 I XMPP IM: RFC 3921 I Extensions using XMPP Extension Proposals (XEP) XMPP JID Almost but not entirely unlike an e-mailaddress: I [email protected] I [email protected] I [email protected]/balcony Messages <message to='[email protected] ' from='juliet@example .com/balcony ' type='chat ' xml:lang=' en '> <body>Wherefore art thou, Romeo?</ body> </ message> Presence <presence from='romeo@montague. lit/orchard '> <show>dnd</show> <s t a t u s>Wooing Juliet</ s t a t u s> <c xmlns='http://jabber.org/protocol/caps' hash=' sha −1 ' node='http://telepathy .freedesktop.org/wiki/Muji' ver='iuNYhdSOy4nYDVPDhoTqCFubSz8='/> </ p r e s e n c e> Info/Query <iq xmlns='jabber:client ' to='juliet@example .com/balcony ' from='romeo@example. net/orchard ' id='2846139002 ' t y p e= ' g e t '> <query xmlns='http://jabber.org/protocol/disco#info ' node=' http://telepathy . freedesktop . org/wiki/Muji#iuNYhdSOy4nYDVPDhoTqCFubSz8=' /> </ i q> <iq xmlns='jabber:client ' to='romeo@example. net/orchard ' from='juliet@example .com/balcony ' id='2846139002 ' type='result '> <query xmlns='http://jabber.org/protocol/disco#info '> <identity category='client ' t y p e= ' pc ' name='Telepathy Gabble 0 . -
Secure Email - a Usability Study
Secure Email - A Usability Study Adrian Reuter1, Karima Boudaoud2, Marco Winckler2 , Ahmed Abdelmaksoud2, Wadie Lemrazzeq2 1 Technische Universität München, Arcisstraße 21, 80333 München, Germany 2 Polytech Nice Sophia, 930 route des Colles, 06903 Sophia Antipolis, France Abstract. Several end-to-end encryption technologies for emails such as PGP and S/MIME exist since decades. However, end-to-end encryption is barely ap- plied. To understand why users hesitate to secure their email communication and which usability issues they face with PGP, S/MIME as well as with pEp (Pretty Easy Privacy), a fairly new technology, we conducted an online survey and user testing. We found that more than 60% of e-mail users are unaware of the existence of such encryption technologies and never tried to use one. We observed that above all, users are overwhelmed with the management of public keys and struggle with the setup of encryption technology in their mail soft- ware. Even though users struggle to put email encryption into practice, we ex- perienced roughly the same number of users being aware of the importance of email encryption. Particularly, we found that users are very concerned about identity theft, as 78% want to make sure that no other person is able to write email in their name. Keywords: mail encryption, user study, usability, PGP, S/MIME, pEp. 1 INTRODUCTION To prevent cyber-crime and to protect user privacy, almost all services running on the Internet critically depend on cyber security measures. Most dominantly, transport layer security (TLS) is used for securing a variety of communication protocols. -
Skype® for Dummies‰
01_048917 ffirs.qxp 12/8/06 8:26 PM Page iii Skype® FOR DUMmIES‰ by Loren and Susan Abdulezer and Howard Dammond Foreword by Niklas Zennström CEO and co-founder of Skype 01_048917 ffirs.qxp 12/8/06 8:26 PM Page ii 01_048917 ffirs.qxp 12/8/06 8:26 PM Page i Skype® FOR DUMmIES‰ 01_048917 ffirs.qxp 12/8/06 8:26 PM Page ii 01_048917 ffirs.qxp 12/8/06 8:26 PM Page iii Skype® FOR DUMmIES‰ by Loren and Susan Abdulezer and Howard Dammond Foreword by Niklas Zennström CEO and co-founder of Skype 01_048917 ffirs.qxp 12/8/06 8:26 PM Page iv Skype® For Dummies® Published by Wiley Publishing, Inc. 111 River Street Hoboken, NJ 07030-5774 www.wiley.com Copyright © 2007 by Wiley Publishing, Inc., Indianapolis, Indiana Published by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permit- ted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions. -
SEMINARSKI RAD IZ OSNOVA INFORMATIKE Tema: CHAT
OŠ ÅVuk S. Karadžić´ Banja Luka SEMINARSKI RAD IZ OSNOVA INFORMATIKE Tema: CHAT 18.februar 2011. Milica Simidžija IX3 SADRŽAJ: CHAT. 1 KO KORISTI CHAT?. .2 VRSTE CHAT-A: -Chat sobe na web stranicama. 3 -Chat programi: . .4 1. Windows Live Messenger. .4-5 2. Skype. 6-7 3. AOL Instant Messenger. 8 4. Yahoo Messenger. .9 5. X-Chat. .10 6. ICQ. 11 7. Google Talk. 12 CHAT SKRAĆENICE. 13 PRAVILA CHAT-a. 14 LITERATURA . 15 CHAT Chat je oblik komunikacije dva ili više korisnika putem računara i računarske mreže. Chat se odvija u vrlo kratkim porukama koje korisnik vidi čim ih njegov sugovornik pošalje (obično pritiskujući tipku Enter).Na nekim chatovima postoje tzv. sobe u kojima istovremeno priča i do nekoliko desetaka (pa i stotina) korisnika. U nekima je razgovor ograničen na nekoliko ljudi, dok neki mogu kombinovati te dvije vrste. Za neke chatove ne treba ništa osim Web Browser-a i Java Programskog jezika, dok su neki prerasli u posebne kompjuterske programe, od kojih su najpoznatiji Windows Live Messenger, Skype, Yahoo! Messenger, Google Talk itd. 1 KO KORISTI CHAT? Chat aplikacije korištene su najčešće od strane tinejdžera do 18 godina starosti. Posebno privlačna mladima je anonimnost koju internet pruža, a koju je nemoguće postići u nekoj drugoj vrsti komunikacije. Ova anonimnost oslobađa i podstiče ljude na drugačiju komunikaciju nego što bi to činili u ličnim kontaktima, što znači da se svako može predstaviti kako želi i biti šta želi. Ponekad se odrasli ljudi koji često nemaju prijateljske namjere mogu predstavljati kao djeca. To najčešće budu pedofili, koji se preko četa pokušavaju približiti djeci.