The purpose of this CXTech Week 22 2023 newsletter is to highlight, with commentary, some of the news stories in CXTech this week. What is CXTech? The C stands for Connectivity, Communications, Collaboration, Conversation, Customer; X for Experience because that’s what matters; and Tech because the focus is enablers.
You can sign up here to receive the CXTech News and Analysis by email or by my Substack. Please forward this on if you think someone should join the list. And please let me know any CXTech news I should include.
Covered this week:
- All the Hard Stuff Nobody Talks About when Building Products with LLMs
- Passkeys, the beginning of 2FAs long slow decline
- RTC Security Newsletter May 2023: RTC conferences, advisories for Cisco, Mitel, sofia-sip
- 25 years ago Demon Internet was sold to ScottishTelecom
- Twilio Jumps 10% on meeting with activist investor Legion Partners
- TCR Acquisition (Giovanni Tarone) and The Campaign Registry
- Persistence hunting, How Microsoft Teams passed 300 million monthly users in May 2023
- Multi-time TADHack Winner Looking for more Challenging Opportunity either Full Stack or Front End
- Please Complete the Open Source Telecom Software Survey 2023
- People, Gossip, and Frivolous Stuff
Those that have seen TADSummit presentations on chatbots from David Curran, for example How to improve Natural Language Datasets, will recognize some of the challenges discussed in this article.
Honeycomb.io is an observability platform, their datastore and query engine can detect patterns across billions of requests in under 3 seconds. They built a natural language querying interface, Query Assistant. The key statement from their experience is “a lot of that hype is just some demo bullshit that would fall over the instant anyone tried to use it … it’s hard to build a real product backed by an LLM.”
Some of the points include:
LLMs are slow and chaining is a nonstarter. We found no tangible improvements in the ability to generate a Honeycomb query when chaining LLM calls together. LangChain won’t solve all your life’s problems.
Prompt engineering is weird and has few best practices. LLMs work, sort of, but its not a science, rather an art. Look at the Midjourney prompts, they’re all over the place, it’s amazing what some random stream of consciousness prompts create.
LLMs aren’t products. Unless you’re literally in the business of selling LLMs, an LLM isn’t a product! It’s an engine for features.
Prompt injection is an unsolved problem. The most important thing is that everything we do with an LLM today is non-destructive and undoable—and doesn’t touch user data. It’s also why we’re not currently exploring a full chat UI that people can interact with, and we have absolutely no desire to have an LLM-powered agent sit in our infrastructure doing tasks. We’d rather not have an end-user reprogrammable system that creates a rogue agent running in our infrastructure, thank you. And for what it’s worth, yes, people are already attempting prompt injection in our system today.
While on the AI topic, I also had an interesting discussion with Rob Pickering on LInkedin about The Center for AI Safety, and calls by those in a dominant position for regulation. My comment in the post below is shown here:
It’s all about the money. Now weak AI (it’s just software) is delivering reasonable results in specific applications, the investors want to build walls to protect their money. The best wall is regulation, this will stop the open source AI projects being a threat. Only big companies can afford that.My response to Rob’s post.
I talked about it in CXTech Week 20 2023, https://alanquayle.com/2023/05/cxtech-week-20-2023/.
OpenAI is singing 2 different tunes in the US (regulation required) and EU (if you regulate us we’re out of here).
For me the 2 applications I use are image generation (handy for blog hero graphics), and Khanmingo (https://alanquayle.com/2023/05/cxtech-week-18-2023/). I am finding Bard is quite good for summarizing the book my son is reading, and giving me lots of questions to ask to check understanding.
The end of 2FA has been predicted many times, yet it has continued to grow, especially through the pandemic.
Google launched passkey last month, it’s a secure credential tied to the PIN or biometric authentication your device already uses. The passkey only exists on your device, not in the cloud.
Compatible hardware, includes laptops / desktops with Windows 10 or macOS Ventura (or later) running Chrome 109, Safari 16, or Edge 109 or later. For a mobile phone or tablet, it must run iOS 16 or Android 9 (or later). You can also use it with any hardware security key that supports the FIDO2 protocol. You will also need to have a screen lock enabled, and if you want to use your phone to sign in to another device, such as a laptop, you will also need to have Bluetooth turned on. Which is a long way of saying, it works on most devices we use today, but not for everyone; 80/20 rule.
I’ve been using Google passkey since its launch, everything seems to be working fine. It’s only the first month, but I am seeing more and more people using passkeys. There really hasn’t been much promotion outside the geek community at present.
Given passkeys work with existing password vaults it’s something that is just there so one day in the future (years away) you discover all your sites are passkey enabled. It’s much slicker than FIDO’s previous attempts, their app was a little problematic.
I can see why corporates may be less enthusiastic, but from the consumer perspective its slick. For 2FA this is a long run impact. I think many of the web brands will adopt passkey, its slick, a finger press and you’re done. But adoption will take years, and its impact on 2FA will be slowing growth, and then in a couple of year decline in usage starting with the large web brands.
All your RTC Security news on one excellent letter from Sandro Gauci 🙂
Thank you Sandro for mentioning the Open Source Telecom Software Survey 2023. If you’ve not completed the survey, please do so. You do not need to be a hardcore open source geek, just someone who is interested.
For those that do not remember MagicJack, below is the advert. $20 a year for free calling in the US and Canada. Generally, you got what you paid for.
A security researcher, Momen Eldawakhly published a blog post and exploit code showing how the device can be weaponized to deploy malicious software instead of the normal desktop application. The reason behind this is that the device contains a hidden partition on the NAND flash memory that allows write access. References:
Demon Internet was the first dial up Internet Service Provider in Europe offering connection to the internet. They began in the 1990s, when modems were typically 9.6 kbps and by the end of the ’90s modems had claims of 56kbps. The service eventually moved onto DSL, cable, and FTTH.
When Demon was sold of ScottishTelecom (which became Thus), they were generating over a million minutes of use of the phone line per day. It’s a nice review by Roy Bliss of his time at Demon.
TCR Acquisition is a U.S.-owned and operated company headquartered in Alexandria, Virginia. TCR stands for “Telecommunications Company Repatriation Acquisition”. TCR Acquisition’s goal is to determine what role foreign countries may play in text-based campaign messaging within the US. I’m going to call it TCRA from now on.
TCRA made a formal offer to acquire the operating business of the campaign registry, a subsidiary of Kaleyra. After that there was an exchange between TCRA and Kaleyra, which ended, at least publicly, with this open letter regarding the foreign ownership of the campaign registry. Remember, next year there will be lots of political SMS campaigns running and the campaign registry plays a role in those campaigns. We should all be concerned if political SMS campaigns are impacted.
The campaign registry is an entity created by carriers like AT&T, T-Mobile, and Verizon. Initially Hook Mobile ran it, then they were bought by Kaleyra, so it ended up in foreign hands.
I know many brands are frustrated by the hundreds of thousands of dollars a year they each pay to the campaign registry, for what appears to be a way for the carriers to tax 10DLC (0.4 cents per SMS for registered campaigns and 1 penny for unregistered campaigns). And there’s a Vetting Score, which can be obtained through the campaign registry, that impacts the deliverability of a brand’s SMS. This is a powerful entity.
If you’re a brand frustrated by the the campaign registry’s fees / process; or a business messaging provider that runs political SMS campaigns that next year could be adversely impacted if your vetting score changes; or simply in the A2P messaging ecosystem and think the processes/fees/fines/scores need to be clear and open for all to see. You should get in contact with TCRA (Giovanni Tarone).
Twilio shares jumped more than 10% intra-day today (1st June) following the report from The Information, according to which activist investor Legion Partners has met several times with Twilio’s management and board, suggesting multiple changes to operations, including divestitures.
They’ve sold off the IoT business, had a couple of rounds of layoffs, and from what I understand have been getting more into routing again as their strategic PSTN aggregation partner Syniverse has not been that competitive. We could be entering another round of M&A in the SMS business.
While this review is perhaps a little rose-tinted, it does capture the long history of Microsoft in enterprise communications: Office Communicator in 2007, Lync in 2010, Skype for Business in 2015, then in 2016 to not buy Slack and instead build Teams, then the bundling of Teams in O365, and the integration with other apps like Zoom.
So the 300m number is really enterprise seats of O365 that includes Teams, which is most of them. Some of those seats also use Slack. I use Slack, Skype, WhatsApp, Linkedin, Google Messages, Telegram, Element, Google Chat, Zoom, Discord, and likely a few more I’ve forgotten about.
Simply, Microsoft has been in the enterprise communications space for decades, and like persistence hunting, they win by simply being there with a good enough product that is part of a bundling. And those that care can use their prefered apps, such as Zoom, WhatsApp, Slack, etc. If you’re a Microsoft enterprise, it’s just there.
Multi-time TADHack Winner Looking for more Challenging Opportunity either Full Stack or Front End
Software Engineer (Bachelor of Science in Computer Science)
- Test driven development in JUnit/NUnit, Selenium.CI/CD, Yaml pipelines, Terraform.
- Develop Front-End, Web-based UI interfaces for hardened cloud applications being used in a number of healthcare systems.
Winner of more hackathons than TADHack 🙂
Contact me if you’d like an intro / resume.
Thank you to everyone who has completed the survey. The deadline is June 15th 😉
Here is the link to the Open Source Telecom Software Survey 2023. It should take between 5-10 minutes depending on how many questions you answer.
The purpose of this survey is to gather your experiences and opinions in using Open Source Telecom Software, and share an anonymized aggregate result with those that compete the survey. I’ll also present a summary of the results at TADSummit in October 2023.
Thank you to Olle E. Johansson, Sandro Gauci, Dave Horton, Arin Sime, and Alberto González Trastoy for your support in creating this year’s survey.
People, Gossip, and Frivolous Stuff
Shira Levine is now Director, Portfolio and Segment Marketing at SES Satellites. Many years ago Shira covered Service Enablement and Subscriber Intelligence for IHS, so we presented at the same conferences around the world.
Craig Richards is now a Delivery Manager with Vodafone in the UK. He’s coping with the relatively cold UK weather, since living in KL for 15+ year has made him soft. Craig has been part of TADHack and TADSummit since the beginning and ran several massive TADHack KL events.
Dan Graves is now VP Product, Partner, and Customer Marketing at Laceworks. I’ve known Dan since his Symantec days.
Igor Douplitzky is now a Business Strategy/Innovation/Open Innovation Consultant. I’ve known Igor thorough most of his time in Orange.
Dan Jenkins having a Friedrich Nietzsche moment at the OpenSIPS Summit.
The Original IdeaMart team, they created the most successful country-wide innovation ecosystem of any carrier. They achieved success in programmable telecoms using APIs and no-code from 2013. Ideamart remains a partner of TADHack and TADSummit. Check out Sammani’s keynote from 2021 on Ideamart for Women.