CXTech Week 18 2023 News and Analysis

The purpose of this CXTech Week 18 2023 newsletter is to highlight, with commentary, some of the news stories in CXTech this week. What is CXTech?  The C stands for Connectivity, Communications, Collaboration, Conversation, Customer; X for Experience because that’s what matters; and Tech because the focus is enablers.

You can sign up here to receive the CXTech News and Analysis by email. Please forward this on if you think someone should join the list. And please let me know any CXTech news I should include.

Covered this week:

  • Khanmigo, Generative AI in Khan Academy
  • Why has service innovation in programmable communications been difficult for carriers?
  • When to use the Daily Prebuilt Component vs. its Video SDKs?
  • RTC Security Newsletter April 2023: 3CX incident updates, WebRTC security and H264
  • Data loss costs are going up
  • Dialog Axiata agrees Airtel Sri Lanka tie-up
  • Vodafone Business UC with RingCentral Now Available in Italy
  • Sangoma Suite All-in-One Communications Bundle
  • People, Gossip, and Frivolous Stuff

Khanmigo, Generative AI in Khan Academy

I’m a fan of Khan Academy, I donate monthly. It helped my son get into advanced math. A short digression so you understand why Khan Academy is important to me. During 5th grade on the statewide COGAT testing (like the 11+ exam in the UK) my son scored 148 out of 150. We’d not done any prep, we were naive back then.

Yet given that score he was not selected for advanced math in 6th grade. I’ll not go into the details, only to say the school district has changed the process after this happened. To correct the ‘error’ in a matter of weeks my son had to learn all 6th grade maths to retake a test we were told did not matter and not to worry about back in 5th grade. While some kids had been advised privately to learn a subset of 6th grade math through 5th grade.

Khan helped my son learn all 6th grade maths fast. Today his score in advanced math is usually 95-96%, he doesn’t do 100% as every problem must be finished as fast as humanly possible, or he’ll answer the question he thinks is being asked based on just looking at the terms in the question, sigh. I could rant for hours on the biases of the American education system. Only to say there are many dimension of intelligence, not just one; good enough not perfection wins everytime; and the most loquacious employees tend to have great excuses on why they did not deliver, yet the quiet ones get it done.

Now onto Khanmigo. This is a nice example of the application of generative AI. It can help students correct misconceptions in their math problems, or debate a topic to refine their arguments (using socratic method), or asking questions of characters in a book to better understand their feelings and motivations.

I had a quick play last night, and found the experience interesting. On the math side I think it will help for students that didn’t fully understand the training videos. For Science I found it helpful in ensuring full understanding of a concept / process. It’s quite good at understanding what you write, and pointing out what was missing, or if not missing, simply showing a list that is full and consistent.

On the literature side that was really interesting, I had a discussion around Edgar Allan Poe. I made assumptions about the author’s motivations based on his history and works. And the tool pointed out where some of my assumptions were not necessarily supported. Mentioning authors write about topics using terms and ideas that were fashionable at the time, that they may not necessarily agree with.

Khanmigo is an interesting first cut, my son has yet to play with it, I’ll report back after a few weeks. I’m going to see how it helps on the ‘wordy’ science of biology. And we’ll likely now start exploring the humanities more with Khan Academy. Here is Kal’s introduction to Khanmigo.

Why has service innovation in programmable communications been difficult for carriers?

This article was stimulated from a weekend conversation where I realized the historical context for service innovation in carriers is being overlooked; and the history of programmable communications in telecoms is being rewritten.

For carriers to be successful in programmable communications, they need to partner with aggregators and programmable communication companies, they’ll help find the opportunities and manage the people, process, and technology issues to avoid a repeat of OneAPI 1.0, RCS and likely OneAPI 2.0 (CAMARA).

Network equipment vendors are the right partners for network innovation with carriers, however, after several decades its clear for programmable communications, they are not the right partners. They walked away from their standardized Parlay gateways while Twilio, Syniverse, Infobip, Vonage, MITTO, RingCentral, Telesign etc. built the programmable communications / aggregation business.

Partner with the experts in programmable communications, and given the maturity of some open source projects like Jambonz, consider building it yourself and target large accounts in your countries of operations. The targets are always moving thanks to technology evolution, particularly thanks to open source. However, large organizations do tend to be more set in their ways. The pre-occupation on API standards given decades of history is absolute proof.

When to use the Daily Prebuilt Component vs. its Video SDKs?

WebRTC Ventures answers a question I’d thought about, but not formed a firm conclusion, as its complex. Daily’s biggest differentiating features is that they support different ways for developers to build. Daily Prebuilt allows you to drop a hosted video call component into your website or product with just a few lines of code.

It’s a fantastic feature that allows a web developer without live video experience to quickly add in a WebRTC call to their web page. For those who need more sophisticated live video implementations, Daily also offers core APIs and video SDKs that have all or more of the same types of features you would find in a more traditional CPaaS.

This combination of Prebuilt and video APIs and SDK options is quite compelling. When should you use one over the other? As Daily includes many full-featured capabilities in the Prebuilt component, it’s not just about “fast” or “more powerful.” The WebRTC Ventures folks explore when to build custom with Daily and when the Prebuilt should meet your needs. They provide a handy checklist on when to use a Prebuilt component, and when to consider Daily’s core APIs and video SDKs instead.

RTC Security Newsletter April 2023: 3CX incident updates, WebRTC security and H264

You can not miss Sandro’s newsletter. I remember when H.261 was introduced in 1998 for two-way communication over ISDN lines, 64/128 kbps (1 or 2 bearers). The H.26x series of standards began in a very different world from today. Three researchers from the University of Texas and Oberlin College have just published a paper titled “The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders”. 

Their paper introduces H26FORGE which is a domain-specific infrastructure for analyzing, generating, and manipulating syntactically correct but semantically spec-non-compliant video files. In other words, it is a toolset consisting of a grammar-aware fuzzer for generating H.264 video files, and tools for analyzing and manipulating the files. The researchers used the tool to discover vulnerabilities in video decoder ecosystems and found the following vulnerabilities and more:

  • CVE-2022-32939: Buffer overflow in AppleD5500, the video decoder driver shipped with iOS and iPadOS operating systems; causes memory corruption and kernel panic
  • CVE-2022-42846: Infinite loop in AppleD5500 affected iOS and iPadOS; causes DoS and kernel panic
  • CVE-2022-3266: out-of-bounds read (led Firefox GPU utility process to crash) and information leak in Firefox
  • Use-after-free in FFmpeg’s libavcodec, which is used by VLC

Needless to say, H.264 is everywhere and likely to remain everywhere as an archival format, this is a significant security issue.

Data loss costs are going up

On Monday it was announced TMO US had a second data breach of 2023, its ninth since 2018. A hack that exposed account PINs and other customer data. The intrusion, which started on February 24 and lasted until March 30, affected 836 customers, a relatively small number. Back in 2021 TMO lost quite a bit of my data. Google have a dark web monitoring service which is quite handy for tracking this stuff.

The 2023 Data Security Incident Response Report found while the number of ransomware incidents the firm responded to dipped in early 2022, it came roaring back toward the end of the year and into early 2023.

With this came higher ransom demands and, eventually, payments. The largest ransom demand last year was more than $90 million, with the largest payment exceeding $8 million. Both were larger than in 2021 (more than $60 million and $5.5 million respectively).

The average ransom paid hit $600,688, up from $511,957 the year before, though still below the peak of $794,620 in pandemic-ravaged 2020. About 40 percent of victims paid a ransom.

Investigations into breaches aren’t cheap, victims aren’t only paying more if they decide to pay the ransom, but the overall cost of forensic investigations of data breaches also jumped. For the 20 largest network intrusions, the average investigation costs increased 24 percent from $445,926 in 2021 to $550,987 a year later.

BakerHostetler in 2022 handled 494 security incidents and 42 resulted in one or more lawsuits being filed by people unhappy about their data being stolen. That compares to 23 such lawsuits filed in 2021. More than half of the 42 incidents that resulted in lawsuits – 26 – involved medical and health information being breached, and 20 involved a healthcare organization. Forty included Social Security Numbers or driver’s license data and six involved payment card information. As stated in the TADSummit Special session on the EU CRA from Olle and Sandro, security must be baked in at the start of any project.

Dialog Axiata agrees Airtel Sri Lanka tie-up

Both Dialog Axiata and Airtel have presented at TADSummit, as they have achieved impressive service innovations. With respect to Ideamart in Sri Lanka they have also collaborated, given the success of Ideamart. So the tie up is sort of predestined from a service innovation perspective 😉

Dialog Axiata struck an agreement with Bharti Airtel to merge their respective operations in Sri Lanka. In a joint statement, the companies revealed they had signed a binding term sheet to merge, with the proposed transaction giving Airtel a stake in Dialog. Airtel will receive new shares in Dialog upon completion of the transaction.

Vodafone Business UC with RingCentral Now Available in Italy

At TADSummit 2022 the RingCentral keynote was presented by Filipe Leitão, Global Service Provider Channel SE, RingCentral. Slides & Video. He described the important shift from voice to workflows. This is an important shift, communications is table-stakes. The focus is now on solving business problems using programmable communications with partners. RingCentral showed where the industry is going, ignore Filipe’s presentation at your peril.

The key points Filipe raised are the growth potential in the market, most enterprise are not yet using RingCentral.  The M&A through the pandemic, see my welcome presentation for some examples, has resulted in many similar offers. Joao also mentioned this in his presentation on how crowded the market has become. Does the market simply focus on pricing and feature differentiation?

Filipe neatly summed up a point raised in many of the keynote presentations, focusing on value by solving problems for the customer. In RingCentral’s case with its platform and ecosystem of partners. Or quoting Filipe, an “ecosystem of innovation that not only delivers results, but solves real-life problems for businesses and users alike.”

And RingCentral is now available through Vodafone in Italy.

Sangoma Suite All-in-One Communications Bundle

All the way back in 2019, 4 years ago, I gave a keynote at Astricon. At the end of the presentation I gave a slide on Sangoma’s suite of offers, see below. This is out of date given their additional acquisitions since then. But it served the purpose to highlight that there is a large segment of enterprises and SMB who do not have an IT department, so need a local partner and open source to cost effectively meet their enterprise communications needs.

Recently Sangoma has stitched all these solutions together into Sangoma Suite that combines their UCaaS, collaboration, video meetings and integrations into a comprehensive platform while providing deep discounts for building Sangoma’s contact center, phones, SD-WAN and cloud security solutions.

People, Gossip, and Frivolous Stuff

Dave Horton has hired a great engineer out of the Telestax/Mavenir Hoàn Lưu Hữu to work on Jambonz and Drachtio.

Despina Ypsilanti is now UX Lead at 1NCE, the provider of #connectivity and #software for IoT at a global flat rate. She joins Henrique Rose, Fernando Mendioroz, and Jaime Casero. Its heartening to see the Telestax team come together again.

Phil Sorsky is now Chief Commercial Officer at the Wireless Infrastructure Group [WIG], the UK’s #1 provider of mobile connectivity in high-capacity indoor environments across the UK, The Netherlands and Ireland – including Anfield Stadium. Phil and I first met when he led sales at Camiant (policy control that was sold to Tekelec then into Oracle).

Marija Pavlovic is now Senior Solutions Consultant at Chargebee. We first met when she was with Telesign.

Ofer Cohen is now R&D Director at Skyhawk Security. He presented at TADSummit on real-time customer engagement when he was with LivePerson.

Igor Pavlov will soon be launching their GPT integration with Quilgo (Instant online assessments with AI) at Product Hunt in the middle of May. Remember to vote!

Julie Mocock is now Managing Director at Parlance Marketing Services Ltd.

Jérôme Tassel is now Program Director at Sky I’ve known Jérôme since his time at BT.

Jared Benson is now Principal, UX Design & Concepts at Volkswagen Group of America Innovation and Engineering Center California (IECC). I’ve known Jared since his time at Punchcut.

Benoit Paquin is now 5G produce management at Kalray. I’ve known Benoit since his time at Orange.

Chris Haddock is now Volunteer at WWT (Wildfowl & Wetlands Trust). I first met Chris at OpenCloud.

You can sign up here to receive the CXTech News and Analysis by email.