Dan York, Director of Emerging Communication Technology at Voxeo, but also on the Board of the Voice over IP Security Alliance (VOIPSA) has written two excellent pieces in another of his blogs, Voice of VoIPSA, discussing the blocking of VoIP calls by Aircell. The first explains how they can block Skype calls, even though they are encrypted while the second goes on to explain why Andy Abramson could make a VoIP call using Phweet.
There it is… all in UDP… and coming in at about 100 packets per second. And if I look at the actual Wireshark traces, I can see that these 100 packets per second are all very tiny sizes. Many of them are between 37 and 50 bytes.
And this is an encrypted Skype call!
No need to decrypt it. Just see that it’s a steady stream of 100 very small packets per second (50 packets per second each way) all over UDP.
Kill the stream. Block it. Conversation dead. No more VoIP on the plane.
It’s basically the network security version of Whack-A-Mole. See a VoIP stream start up… block it. See another one… block it. See yet another… block it. Whenever anything pops up that meets the profile, stomp on it.
This explains, too, why people could talk for a few seconds and then had their conversations terminated. The pattern has to appear in the network monitoring software. The software has to be sure it’s a VoIP stream and not something else… and then the software can block it.
Now I don’t know for a fact that this is how Aircell is blocking VoIP, but it would be easy enough to do it this way.
And there you go… one very possible reason why Phweet may work and Skype, Sightspeed and others were blocked is simply this:
The Tringme Flash-based softphone is sending audio over TCP and Aircell is not recognizing and blocking VoIP calls over TCP.
Or at least Aircell wasn’t blocking TCP. (They probably are by now or will be soon.)
Now to be fair, if Aircell isn’t blocking TCP, this was probably a decent assumption to make. I mean, the typical mindset to date has been… who in their right mind would send audio streams over TCP?
In all the VoIP systems I’ve worked with, I can’t think offhand of any other systems that send audio over TCP. As part of its range of tricks to get through firewalls, I understand that Skype can use TCP if it is unable to send over UDP, but I’ve never captured it doing so. The IP-PBXs I’m familiar with, both commercial and open source, all send RTP over UDP.
Read the entire posts for the details of Dan’s assumptions and explanations. One of Dan’s writing strengths is his ability to make technology understandable to the lay person.
As for not wanting to have voice calls available in flight I would soften my stand if human nature would change. Over the weekend I was reading a book on the history of one of our rural independent telephone companies where they were providing anecdotes about early usage of the operator-serviced telephones:
Mrs. Alice Cooley’s brother, Billy Huang, Tiverton, used the phone for the first time to call his chum a few houses down the street. Alice and some others were out in the garden and they heard Billy shouting loudly on the phone. He thought he had to shout to be heard. Some people never did get over the idea that they had to shout on the phone.
From “Bruce Municipal Telephone System – A Long Line of History 1910 – 1994” by Anne Duke Judd.
Enough said. Thanks, Dan for taking time to put up these explanations.
Tags: Dan York, Aircell, Skype, GoGo, Andy Abramson, TringMe, Phweet
Powered by Qumana