CXTech Week 34 2024 News and Analysis
The purpose of this CXTech Week 34 2024 newsletter is to highlight, with commentary, some of the news stories in CXTech this week. What is CXTech? The C stands for Connectivity, Communications, Collaboration, Conversation, Customer; X for Experience because that’s what matters; and Tech because the focus is enablers.
You can sign up here to receive the CXTech News and Analysis by email or by my Substack. Please forward this on if you think someone should join the list. And please let me know any CXTech news I should include.
PLEASE NOTE, post is too long for Substack. Read full article here: https://alanquayle.com/2024/08/cxtech-week-34-2024/
Covered this week:
Please Register for TADSummit 2024
It's Time to Register for TADHack 2024
Raj Shivakumar, Summer Internship with Jambonz building vCon
Podcast 85: TADSummit Innovators, Steve Lasker, DataTrails
RTC Security Newsletter, August 2024: WebRTC security
Kaleyra and Sarbanes Oxley
Mobile Core Network market hits historic low in 2Q 2024
Ericsson has sold iconectiv to Koch Equity Development for $1B
People, Gossip, and Frivolous Stuff
Please Register for TADSummit 2024
A big thank you to Strolid and TSG Global for sponsoring TADSummit. They understand the importance of focusing on the reality of today’s diverse markets. I’m grateful to all the presenters, they know programmable communications can step up to the current challenges using their innovations.
Robert Vis, Bird, recently described what is happening in A2P SMS as EOL (End of Life) pricing, simply volumes down and prices are up, to maintain revenues. We’re going to explore the reality of programmable communications / telecoms, no BS, the reality brands and consumers are experiencing. How we move forward with customer-focused practical steps.
TADSummit is the thought-leadership event in programmable communications / telecoms for over one decade.
The AGENDA is here. Check out the definitive truth in A2P SMS, it’s just the facts hidden from most. Same with the messaging monopolies. Consumers and businesses are suffering, losing life savings, losing millions in TCPA lawsuits and fraud over A2P SMS. In some countries like the US we no longer answer the phone because of robocalling and ‘spam likely’ notifications. Action is urgently required. The PSTN has never been this bad.
Here are a few highlights:
Following on from the excellent keynote from Unifonic last year on building local moats in each country of operation. Matteo Gatta, Founder GenNoor, ex-CEO BICS will keynote on “Conquer the world or win the customer? A cross road moment for CPaaS players seeking to shore up investor confidence.” This keynote looks at localization more broadly. It works, don’t just take Unifonic’s word for it. Deutsche Telekom won VirtualQ from Twilio because of its local focus. You’ll hear from them at TADSummit.
The one and only Eric J. Troutman of Troutman Amin LLP, Czar of the TCPA, will be presenting on “Telephone Consumer Protection Act for the International Audience.” Accidentally calling the wrong number when your customer changes (or customer’s customer, see Twilio’s lawsuit) cell phones without letting you know can result in a lawsuit. Knowing Eric is an important part of any company’s US communications strategy.
The Truth of RoboCalling in the US, from Alex Quilici, CEO YouMail Inc. Eric J. Troutman said in his podcast, “YouMail has become the biggest narc (informant) to the Federal Communications Commission.” YouMail has become the source of truth to the industry, quantifying the level of robocalling and spam SMS.
A small sample of the other world-class presentations, the full agenda is here, and there are many more presentations to add:
Matthew Smith on Industry 4.0 and programmable communications;
Ivan Maksic on A2P Revenue Assurance;
Daniel Gill on SMS Governance and Certification;
Alex Kinch on can a new foreign owned business even enter the US market for messaging?
Scott Warner on the Future of Messaging;
Dave Horton on Drachtio and Jambonz – the building blocks of voice in CX companies;
RJ Burnham on Voice AI: Breaking Past the Bullshit;
Nikhil Gupta, Vapi, When are we going to get GPT4o (Her) in open source? and
We’re the only event for 11 years straight that shows the reality of today, and how to be successful in the future. As the keys to success are not yet evenly distributed, but they exist.
It's Time to Register for TADHack 2024
TADHack 2024 runs 19-20 October.
This will be our 11th year of TADHack.
Thank you to the TADHack 2024 sponsors STROLID (vCon, resources are coming soon) and TSG Global (TNID). I’m hoping to add one more sponsor.
vCon (STROLID) is the global standard for conversations.
TNID (TSG Global) puts you in control of your personal, self-owned digital identity. They’re looking for help on the front end experience. TNID potentially solves the robocalling and SPAM SMS problem, its going to be big.
We recently had a chat with Raj Shivakumar about his summer internship with jambonz adding vCon (STROLID, one of this year’s TADHack sponsors). Raj was a vCon winner at TADHack Open in March, and from that win got a summer internship. Not only can you win cash prizes at TADHack, but also internships working on high profile open source projects. The chat is also a nice intro to vCon as well.
As a software student, contributing to open source projects is a great way to build a reputation, have an impact, and looks great on your resume. In fact, you may find it becomes your full-time business after graduation. Just make sure you graduate first.
Quoting Dave Horton, “TADHack is an excellent source of talent for open source projects, who come trained on the latest in programmable communications.” Dave considers this his ‘secret sauce’. Check out this YT Short from Dave on this topic.
Go to TADHack, most ‘locations’ will be online this year, the exception is Sri Lanka. Register for the sponsors’ resources, and we will keep you up to date. You’re going to learn important technologies, and have fun doing it.
Raj Shivakumar, Summer Internship with Jambonz building vCon
This podcast makes me very proud of everyone involved in TADHack. In March this year we ran TADHack Open, Raj was part of the team that won the vCon (STROLID) prize.
Dave Horton, Jambonz, a previous TADHack sponsor, saw their work and realized the team could help him add vCon to Jambonz, and all Jambonz’s customers. Jambonz is an open source voice platform for conversational AI providers and CSPs, used by Cognigy and Kore, who’s customers include Fortune 50 companies. Jambonz is in the big leagues! And is bringing vCon to the big leagues!
As Dave clearly stated, TADHack is an excellent source of talent for open source projects, who come trained on the latest in programmable communications. He considers them his ‘secret sauce’.
Thomas Howe, the father of vCon, was also on the call to see his standard being used in the field.
Raj showed some of his work, using vCon to compare real-time and non-real-time transcription. Also analyzing turn by turn conversations to rate how each turn progresses the conversation. This reminded me of the work Symbl.ai is doing on scoring human and bot agents, I think there’s synergy there.
Also implemented was redaction of PII (Personal Identifiable Information) on the original recording to protect privacy. There’s also a discussion on the JSON schemas used. vCon is moving from standard into an active community building on each-other’s shoulders.
Jambonz is building use cases focused on the front-end of the voice AI process. Once its in the hands of Cognigy and Kore’s customers, we’ll see an explosion of applications through 2025.
Raj did several projects for Jambonz over the summer, and built out his SIP and VoIP skills. Raj will continue to be involved in Jambonz, open source projects always need contributions.
As a software student, contributing to open source projects is a great way to build a reputation, have a massive impact on an industry, and looks great on a resume. In fact, you may find it becomes your full-time business after graduation. Just make sure you graduate, if only for your parents.
Congratulations to Raj, Dave and Thomas in showing why TADHack matters!
Podcast 85: TADSummit Innovators, Steve Lasker, DataTrails
I met Steve through Thomas Howe. Steve is the Director Ecosystem for DataTrails, DataTrails provides next-generation transparency technology for any data supply chain. Put simply, AI without transparent audit trails can’t be trusted. Now that’s something we’ve heard from Thomas a few times
Steve is a contributor to SCITT (Supply Chain Integrity, Transparency and Trust), an IETF standard. He’ll be presenting at TADSummit in October. I show the sessions description below. There’s an important link between vCon and SCITT in ensuring the integrity of vCon as it passes through organizations and secondary processing such as speech to text, or used in training of an LLM.
SCITT supports the ongoing verification of goods and services where the authenticity of entities, evidence, policy, and artifacts can be assured and the actions of entities can be guaranteed to be authorized, non-repudiable, immutable, and auditable. Say I receive a vCon from a partner, I’ll need to check on the status from the partner, say every 24 hours. The vCon could have been redacted or updated as there was a transcription error, hence I update the vCon after checking its status.
Steve brings lots of experiences to his current role. He was solving problems for Azure in securing workflows for Azure users and Azure itself. On the SCITT site they have a SBOM (Software Bill of Materials) use case.
You’ll see there are many applications of SCITT beyond vCon in telecoms. It could be applied to SMS, or really any message / communications. Who created it? Can I trust its authenticity? For example, are the people who they say they are? Was AI used? As always a picture helps, see below on the core of SCITT.
The focus of SCITT is software supply chain, even through it could also be applied to hardware as well, as discussed in the video. I think in telecoms / communications SCITT enables a level of trust and traceability we’ve lacked so far.
Steve’s TADSummit Session.
SCITT and vCon AI governance for conversations, at scale
Steve Lasker, Director of Ecosystem DataTrails
An introduction to Supply Chain Integrity, Transparency and Trust (SCITT), an IETF standard.
Why does managing the compliance of goods and services across end-to-end supply chains matter? For example, SCITT could be the end of deep fakes!
SCITT supports the verification of goods and services where the authenticity of entities, evidence, policy, and artifacts can be assured.
Combining SCITT and vCon deliver AI governance for conversations, at scale. As vCons move through the lifecycle, SCITT builds a transparent ledger, enabling regulators and auditors to keep consumers safe. Consent is built into the vCon/SCITT combo.
Some SCITT use cases to help you understand the relevance of SCITT and why the combo with vCon is essential for business use cases.
Kaleyra and Sarbanes Oxley
In August 2023 I wrote, Understanding TCR and Kaleyra Part 2. I mentioned the case Pulzone v. Kaleyra, Inc. It’s just settled. What’s interesting is the settlement of a 3 year old case was reached within 24 hours of Bill Peters meeting with the plaintiff’s lawyers as a witness against Kaleyra. Draw what inference you want from that, but clearly Kaleyra wanted this case closed fast once Bill was involved.
Today, I anonymously received a copy of one page from the “TRANSCRIPT OF FINAL PRETRIAL CONFERENCE BEFORE THE HONORABLE DAVID J. NOVAK UNITED STATES DISTRICT JUDGE.” See image below, it’s shocking what the judge said. Note the document is not yet available on Pacer (Public Access to Court Electronic Record), but is available from the court reporter for $25, any changes would be to protect the identity of third parties, not the lawyers of the case, nor what the Judge said to those lawyers.
Pro hac vice is a practice in common law jurisdictions whereby a lawyer who has not been admitted to practice in a certain jurisdiction is allowed to participate in a particular case in that jurisdiction. That is Mark Romeo (Littler lawyer) could practice in Virginia for the Pulzone vz. Kaleyra case. In checking on whether such commentary from a judge is normal. According to 3 highly experienced lawyers, they have never seen a judge make such statements throughout their combined 100 years of practicing law.
Note in the article, “Long, drawn-out, lawless litigation.” said Judge Colleen McMahon, the judge expressed her disapproval of what was happening in Bill Peter’s arbitration:
“I don’t approve of arbitration. I will tell you that right off the bat. I don’t approve of arbitration at all. And I particularly don’t approve of commercial arbitrations like this because they’re not really arbitrations, they’re litigations. Arbitration is something that’s supposed to happen snap, snap, snap, snap, quickly, to resolve disputes. That’s not what happens in commercial arbitration these days. It’s just long, drawn-out, lawless litigation.”
Judge Colleen McMahon
To Tata Communications, Kaleyra, and The Campaign Registry; your reputations are being besmirched by your lawyers. Judge Colleen McMahon gave Littler her frank opinion on the arbitration. Judge David Novak got to the point of considering reporting your lawyers. When Judges do that, something is seriously wrong.
Bill’s arbitration continues into 2025. The lawfare continues against innocent people doing their jobs. As an industry we should be holding both sides to account, lawfare is not acceptable. In Julia Pulzone’s case, fired in 2019, settled in 2024. In Bill’s case, fired in 2022, with arbitration possibly ending in 2025, and then the court case running into likely 2027.
On Monday we’ll have a Truth in Telecoms covering this, and the sale of TCR.
RTC Security Newsletter, August 2024: WebRTC security
Enable Security's latest presentation for OWASP 2024 Global AppSec.
An intriguing blog series by Margin Research on synthetic vulnerabilities in Signal-iOS’s WebRTC.
Updates on new Cisco phone vulnerabilities that won’t be fixed, and a recently addressed Asterisk AMI vulnerability.
A brief overview of notable presentations from Blackhat, DEF CON, and BSidesLV that might interest the RTCSec newsletter audience.
Enable Security are preparing a presentation that will be delivered on September 26th at the OWASP 2024 Global AppSec conference in San Francisco.
Title: Web Security Experts: Are you overlooking WebRTC vulnerabilities?
As the web evolves, so do the complexities of securing it. WebRTC (Web Real-Time Communication) is a powerful technology embedded in every modern web browser, enabling audio, video, and data sharing. While WebRTC offers tremendous advantages for real-time communication, it introduces a unique set of security challenges that many web and API security professionals may overlook.
This presentation aims to bridge the knowledge gap between traditional web/API security and the specialized realm of WebRTC. Designed for OWASP attendees ranging from novice to advanced practitioners, it will provide a comprehensive overview of WebRTC security concepts, common vulnerabilities, and practical testing methodologies
Hacker Summer Camp 2024: Black Hat, DEF CON, and BSidesLV
The annual hacker events in Las Vegas took place this month, featuring numerous fascinating talks and presentations. Although ES couldn’t attend this year, several topics caught their attention. Here are a few highlights, along with their thoughts:
Listen Up: Sonos Over-The-Air Remote Kernel Exploitation and Covert Wiretap - Alex and Robert from NCC Group discussed a vulnerability in the Wi-Fi chipset of Sonos audio devices that allows full device takeover. This could enable eavesdropping on conversations in the room, among other security risks. Devices with microphones, particularly desktop VoIP phones, are especially vulnerable when fully compromised.
Listen to the Whispers: Web Timing Attacks that Actually Work - James Kettle from Portswigger presented a paper and tools on timing attacks, a vector often considered difficult to exploit. This presentation has practical implications not only for web security but also for real-time communication systems, which aligns with our ongoing work on VoIP and WebRTC security.
Combating Phone Spoofing with STIR/SHAKEN - A BSidesLV Crowd-Sourced Status Quo, Demo & Explanation - This session appears to be worth exploring. The video is available on YouTube.
Splitting the Email Atom: Exploiting Parsers to Bypass Access Controls - Gareth Heyes from Portswigger delivered a presentation at DEF CON and Black Hat on the security risks associated with email parsers used by websites, particularly their inconsistencies. This topic is particularly relevant to us, as SIP uses a similar email address format in SIP URIs, which could potentially expose similar vulnerabilities.
Mobile Core Network market hits historic low in 2Q 2024
A recently published report from Dell’Oro Group has shown that the 2Q 2024 Mobile Core Network (MCN) market cratered 15 percent year-over-year (Y/Y), marking a historic low point in growth. Further, the 5G MCN market growth stalled for the first time, declining 8 percent Y/Y in 2Q 2024.
The reasoning is simple, 5G delivered negligible new mobile revenues. Yes, 5G FWA (Fixed Wireless Access) has done well, though fixed broadband networks are a better long term solution.
It all comes back to what I've been saying for years, 4G is good enough. I'll not waste time explaining why 5G network APIs are constrained to private 5G for the short to medium term, provisioning works fine and avoids the headache of CPE application support through using APIs. But we'll just have to let the market show what is obvious.
To the telcos that read the CXTech newsletter, if you're looking for guidance that is not repeating vendor marketing. I have a multi decade track record on doing just that. Plus TADSummit shows the reality of our business and innovations you should consider.
Ericsson has sold iconectiv to Koch Equity Development for $1B
Ericsson has sold iconectiv to Koch Equity Development for $1B.
iconectiv's contribution to Ericsson's 2023 net income was approximately $0.1 billion.
https://www.ericsson.com/en/press-releases/2024/8/ericsson-announces-sale-of-iconectiv
This removes one of Ericsson's US regulatory headaches because they also bought Vonage.
The short code registry is a license to print money, likely Koch will look at parallel opportunities to iConectiv, and roll them up with TNS.
Koch did an investment in TNS back in 2016 after Siris Capital Group. Then in 2021 they bought TNS. With iConectiv things get really interesting.
TNS has been on a roll across comms, payments and financial services connectivity consolidation. Lots of roll-ups into TNS over the recent years. They support branded calling / robocalling mitigation.
If it's connectivity in payments, financial services, or comms IN (Intelligent Network to use the old school phrase) they're there. Fiserv is one of their clients, which is also on a consolidation track in financial services.
iConectiv is complementary, especially bringing in additional fraud and identity products. Short codes is simply a cash cow, as short codes is a premium priced service.
That's one of the reasons iConectiv did not 'win' The Campaign Registry, it did in principle according to the CTIA. But AT&T had other plans and awarded a consulting contract to BUC Mobile that became TCR, which became Kaleyra, which then lost the phone numbers in its database that correlated with a large prepayment (those games must stop), which then became Tata Communications.
TCR is up for sale, again, as Tata Communications thinks they can sell the monopoly before reality catches up. However, given there's no contracts from the carriers, and some carriers are not happy with TCR given how much consumers are spammed on 10DLC SMS in the US, compared to short codes and toll-free SMS, Koch Equity Development may be able to get it on the 'relative' cheap. Von Coalition's note to the Federal Communications Commission also highlighted TCR's problem. It's a complex situation, timing is everything.
A PE could follow what we're seeing in other countries with EOL (End of Life) SMS pricing. Simply raise prices, show revenue growth, then exit before brands finally walk away from SMS. 2024 has been 'interesting' in the US, and 2025 looks like more of the same.
People, Gossip, and Frivolous Stuff
Milovan Tosic is now Vice President of Engineering at Telesign. I've known Milovan throughout his time at Telesign, since 2019. He's helped run highly successful TADHacks in Belgrade.
Jonathan Labin is now supporting the founders in MENAP on a part time basis as Venture Partner at Antler. I've known Jonathan for about 4 years, since he joined Unifonic.
Iskra Nikolova is now Partner, Hybrid Cloud Services ANZ at IBM. I've known Iskra for about 8 years, since her time in SingTel.
Dannel Shanker is now Intercom's first ever Partner Solutions Sales Engineer. I've known Dannel for over one decade, since his time at Pubnub.
Nick Craig Waller has joined Messe Frankfurt UK as the interim Marketing Director working on the incredible Automechanika UK.
Chris Hutson is now Chief Revenue Officer (CRO) at VVPUSA
Muhammad Usman Bashir is now Developer & CTO at RTC LEAGUE (Private) Limited
Gaetano Nino DiNardi is SEO Course Instructor at CXL
You can sign up here to receive the CXTech News and Analysis by email or by my Substack.