CXTech Week 51 2023 News and Analysis

Leave a reply

The purpose of this CXTech Week 51 2023 newsletter is to highlight, with commentary, some of the news stories in CXTech this week. What is CXTech?  The C stands for Connectivity, Communications, Collaboration, Conversation, Customer; X for Experience because that’s what matters; and Tech because the focus is enablers.

You can sign up here to receive the CXTech News and Analysis by email or by my Substack. Please forward this on if you think someone should join the list. And please let me know any CXTech news I should include.

Covered this week:

  • TADSummit YouTube Channel reaches 10k subscribers
  • Podcast 19: Truth in Telecoms, T-Mobile did What?
  • Podcast 18: TADSummit Innovators, Matthew Smith, fieldcloud
  • Podcast 16: TADSummit Innovators, Paul Walsh, MetaCert
  • LINK Mobility – LINK signs definitive agreement to divest Message Broadcast
  • BTS Acquired Kinecdid Networks
  • William Webb: Telecoms and Government Regulators: Top 10 Focus Areas for 2024
  • Dean Bubley: The 12 Lies Of Telecoms Xmas
  • Guillaume Bourcy: Yami Baito
  • Jambonz newsletter: December, 2023
  • Dec 2023 RTC Security Newsletter
  • Januscon 2024
  • OpenSIPS Summit 2024 is set for 14th-17th of May 2024, Valencia, Spain
  • Joao Camarate on SaaS Customer Support is hard
  • i3Forum. Can operators Restore Trust?
  • TelecomsXChange / OpenTextShield
  • A Special New Year’s Treat for Johnny Tarone fans, ‘Taronees’?
  • People, Gossip, and Frivolous Stuff

TADSummit YouTube Channel reaches 10k subscribers

The TADSummit Podcast is driving channel views (36k views on just Podcast 15: Truth in Telecoms, Booyah, A line in the sand) and subscribers (>10k). We remain true to our mission set in 2013 of promoting innovators and no-BS. The only change is rather than refusing to act like a shill / ‘book club’, we’re now calling out what’s going on, acting as a magnet for many in our industry to share what’s really going on.

The programmable telecoms, CPaaSAI, xCaaSxx, or any other acronym you prefer is under threat globally. We’ve been calling out what’s going on with for example the Messaging Monopolies post. We’ve got lots more to expose, for example on why robocalling remains a problem in the US (the front door was closed, but the back door remains wide open), the scams being perpetrated across the global SMS ecosystem, and an industry that steadfastly pretends solutions can only come from within the telecoms industry.

The internet has won, telecoms is part of the internet, cyber security must be included in solving the challenges we face, see TADSummit Innovator Interview with Paul Walsh, consumer/industry advocacy groups are critical partners to understand the size and impact of the problems. The telecom echo chamber is creating farcical situations, e.g. see i3Forum later in this newsletter, all the FCC’s orders over the past month with likely limited customer impact.

The FCC has, as we predicted, released a rash of rulings within the limited telecom tools available. For example, the Do Not Call list is not equivalent to a Do Not Message list. CSPs (Campaign Service Providers) and their brands are up in arms, marching on the FCC in January. Campaigns are being arbitrarily closed down by carriers, in some cases for a few SMS sent in error. A2P SMS has become a challenging business in the US, unless you pay $1.6B (Syniverse and Zipwhip) for perhaps some direct binds to the carriers. The lack of clarity is also part of the problem.

As we shared in the Messaging Monopolies, SMS spam is earning the carriers and their old-boys network billions. The financial incentives have resulted in the mess we see today, our eldery relatives and our children are being spammed and scammed, and the network is profiting. The scope of the FCC needs to change, spam and phishing are cyber security issues. AI is an important tool in this fight, the open source industry are responding, see the OpenTextShield article in this newsletter.

Podcast 19: Truth in Telecoms, T-Mobile did What?

This is possibly the last Podcast of 2023, we may squeeze one in next week depending on how people react to this one. It’s very spicy!

As you’ll see in the video, Johnny was fired up because of what TMO announced last night, see image below, a new set of fines. Timed while many people are travelling for their end of year vacations. An attempt to bury this story?

For all the businesses using A2P SMS, including the CSPs (Campaign Service Providers) this is a big lump coal from Father TMO. A $2k fine for just one message deemed to be phishing, effective 1st January 2024.

Despite finishing the year with a bit of a downer thanks to TMO. We wish everyone the best for 2024. Know we will be fighting for all the innovators in our industry, using every resource we have, including TADSummit and TADHack.

Podcast 18: TADSummit Innovators, Matthew Smith, fieldcloud

I first met Matthew of fieldcloud at TADSummit this year. He brings a wealth of experience across enterprise IT, SCADA (Supervisory control and data acquisition), and telecoms. He’s a great and vocal representative of all the industrial applications running on CPaaSAI, and provides a breadth of fresh air on private 5G telecom echo chamber.

He frames fieldcloud as the guardian of institutional knowledge in industrial oil and gas refining processes. There are so many commonalities with the challenges we see in other industries, it shows to my mind, the root cause are always humans 

But back to fieldcloud, often the reasons behind an industrial process are lost. It becomes a cargo cult. The term cargo cult is when an programmer inexperienced with the problem at hand copies some program code from one place to another with little understanding of how it works or whether it is required.

Fieldcloud brings the depth of experience to understand the core requirements of the process, and digitize what is required of the process onto modern tools and methods. For example, from an industrial perspective SMS is inadequate from a security, data transfer, and alerting perspective. Yet, it’s still being deployed. At TADSummit in Paris we had a fun discussion on the need to end of life USSD, while UIB/PAiC were demonstrating ChatGPT over USSD, breathing new life into it!

We’ll definitely have Matthew back on as we barely scratched the surface of the industrial requirements of CPaaSAI, and the synergies we see with the challenges within the industry on the loss of organizational knowledge.

Podcast 16: TADSummit Innovators, Paul Walsh, MetaCert

This is a critically important TADSummit Innovators podcast for our industry. Paul Walsh of MetaCert brings zero trust to SMS, finally enabling phishing over SMS to be solved. We’re going to have Paul back for the Truth in Telecoms podcast in the New Year. I’ve written about MetaCert over the years, check out this link to his open letter to mobile operators.

Paul brings deep cross-industry experience from his time in AOL when phishing was first detected, web and mobile web standards, deployments across the mobile industry, and cyber security. He brings a unique blend of skills that highlights the gaps in SMS firewalls, and why telcos need help from zero trust cyber security to make SMS the safest communications channel.

MetaCert’s approach is driven by the vision that there should be NO victims. Today most security firms work in compiling victims’ experiences, that is the malicious links they clicked. He’s doing one better and stopping any link that is not safe from being delivered to customers. We cover much in this podcast, MetaCert is live in a mobile network, and we’ll see an announcement in the New Year.

LINK Mobility – LINK signs definitive agreement to divest Message Broadcast

I missed this one, announced on the 6th of Nov.

LINK has entered into a definitive agreement to divest Message Broadcast to a U.S. based private equity firm (the Buyer). Message Broadcast is divested at an enterprise value of USD 260 million (EUR 243 million).

Message Broadcast provide the alerting services for the utilities companies. As many states have overhead power cables, power loss during storms is common. In the last couple of months I’ve lost power at home 4 times, one because likely a drunk knocked over a telephone post around 1AM, and then the rest because of branches falling onto the power lines.

This gives LINK a significant war chest at a time when valuations are depressed, well Twilio is bucking that trend, and there’s quite a few bargains given the challenges in the market.

BTS Acquired Kinecdid Networks

BTS has acquired Kinecdid Networks, a New Jersey-based global virtual numbering provider since 2007.

Kinecdid Networks provides scalable-capacity fixed, mobile, toll-free, two-way, PSTN replacement and SMS-enabled cloud telephone numbers from 150+ countries. These numbers can form the basis for a variety of services that can be routed to and from traditional and hosted telecom service providers for use with their end-users’ phone systems or their interactive voice platforms (calling card, conference calling, etc.).

Kinecdid Networks’ customer base consists of cable television operators offering voice services, Voice over Broadband service providers, competitive local exchange telephone companies, Tier 1 international carriers, ethnic market telecom portals, wireless carriers, enterprises and conference platform providers.

This acquisition capitalizes on Kinecdid Networks’ proven track record, its complementary focus in the Caribbean and Latin American markets, and automated provisioning and configuration capabilities.

William Webb: Telecoms and Government Regulators: Top 10 Focus Areas for 2024

This post along with Dean’s 12 Lies of Telecoms Xmas should be required reading for the industry. I pick on a few that caught my eye:

  • Data traffic growth is slowing – maybe focus on utilization than yet more spectrum.
  • 6G will be a software upgrade – National leadership in 6G will not be relevant, US please take note!
  • Quality coverage (mobile) and broadband inclusion (fixed) are the key issues for connectivity, not Gbit.
  • Fair share is dead, net neutrality should be too – operators are unable to incentivise web companies to limit the data they are producing. It will need close regulation, but we should be focusing on efficiency over the air interface at least.
  • Cooperation is needed – reconsider the purist approach to competition. Especially for rural broadband.
  • Implement a panel of super-forecasters and global independent experts. Regulators keep talking within a telco echo chamber, in fact so do telcos, this has resulted in many fiascos.

Dean Bubley: The 12 Lies Of Telecoms Xmas

  • No, autonomous vehicles don’t need 5G
  • No, there isn’t an “investment gap”
  • No, 5G won’t be ubiquitous
  • No, mobile data isn’t growing exponentially
  • No, data traffic isn’t caused by “large traffic generators”
  • No, voice is not the same as telephony
  • No, all Wi-Fi use isn’t “offload”
  • No, interoperability is not always good
  • No, you can’t guarantee end-to-end QoS
  • No, “digital” isn’t new or cool
  • No, mobile doesn’t enable huge CO2 savings
  • No, KPIs and metrics don’t mean what you think

The fact that William and Dean are pointing out the bleeding obvious in my opinion, demonstrates the telco echo-chamber is significantly out of step with is customers and other industries.

Guillaume Bourcy: Yami Baito

Recent incidents in Japan have raised serious concerns about the rise of “yami baito” or dark part-time jobs. Social media, once a space for connection and communication, is now being exploited by criminal organizations to recruit individuals, particularly young people facing financial difficulties.

A former yami baito hiree shared his experience, likening it to a video game where tasks were assigned, missions completed, and rewards received. The detachment from consequences was facilitated by communication through encrypted messaging apps like Telegram, allowing criminals to operate anonymously. This anonymity not only shields recruiters but also contributes to the dehumanization of victims, turning criminal activities into a detached, virtual reality.

There is no happy ending to this story, only the continuing battle of identity verification.

Jambonz newsletter: December, 2023

By the numbers:

  • We delivered 5 manor releases, culminating in the recent 0.8.5 release.
  • We added support for 6 new speech vendors (Nuance, ElevenLabs, Whisper, Soniox, AssemblyAI, and Cobalt), along with additional on-premise deployment options.
  • We had 17 github users contribute code  to the jambonz repositories (I’d particularly like to call out AVoylenko, SamMachin, ajukes, MattPreskett, EgleHelms,, MarkusFrindt, FabioGomes, and VinodDharashive for their contributions throughout the year).
  • We provided financial support for and gave talks at 2 open source conferences (CommCon and TADSummit) which play critical roles in trying to sustain the open source ecosystem in telcoms/RTC
  • We were a monthly sponsor to 2 of the great FOSS projects we use (APIBAN and Homer)
  • We added 1 full time developer to the project, Hoan Luu Huu.

Thank you Dave for your support of TADS 🙂

Dec 2023 RTC Security Newsletter

Required reading for anyone in the RTC industry. I highlight a couple of sections:

The best & worst of RTC Security in 2023

As this year is about to close, we looked at the past 12 months for the most concerning stories covered here. Making it to the top of this list is the 3CX supply chain compromise which affected a large number of people and organisations. The hackers, said to be a North Korean threat actor, compromised the build server which in turn led to the distribution of their malware inside 3CX’s binary updates. We covered this story in March and April as it unfolded. It is a story that includes some lessons – from how (not) to respond to security incidents, to how when a company – even if small – has a large enough user base, it becomes the target of nation-state level adversaries.

Another dramatic story was that concerning compromised FreePBX servers and security reports, a presentation at DEF CON 31, and the vendor, Sangoma’s lacking responses to the whole thing. We covered all of this in the October edition but back in February, we had also seen reports of FreePBX ARI attacks in the wild.

Finally, some amazing research was published by Google’s Project Zero concerning baseband SIP parser vulnerabilities. We covered this in April under the title of New advisories for the Samsung Exynos chipset, due to SIP attacks on VoLTE and then again in May as Shannon Baseband vulnerabilities abusing SIP decoders by Project Zero. Although this work might not have gotten the sort of attention that other stories did, we think that it is highly important work. Vulnerabilities affecting the baseband are more likely when in order to support VoLTE, the baseband needs to parse complex protocols such as SIP and RTCP. These vulnerabilities ultimately affect anyone who uses phones with the affected chipsets.

What’s Wrong With Fast VoLTE Deployments?

A telecom security company called SecurityGen has published a document covering the sort of security issues that could be found when phone companies expose their internal networks to 5G subscribers. Sensitive services such as SSH, FTP, X11, and web-management interfaces can be reached by potential attacks in cases where the necessary precautions haven’t been taken.

Januscon 2024

Call for papers closes January 31, 2024. Januscon will take place in beautiful Napoli, Italy, in 29-30 April 2024.

OpenSIPSSummit 2024 is set for 14th-17th of May 2024, Valencia, Spain

Joao Camarate on SaaS Customer Support is hard

Joao has been creating excellent posts on Linkedin. This one reviews Joao’s experiences in customer support, growing from a start-up to a medium sized global business. In the beginning their SaaS company support was done directly by the engineering team with Joao personally replying to customer emails and phone calls as part of his working schedule. They didn’t think much of it, it was just work and they had to get it done. The customer:engineering link was as strong as its possible to be.

However, it does not scale. A Helpdesk team was brought in, with people that excelled at Communication. They were now great at communicating but weren’t solving anything. The Engineering team got comfortable, they weren’t dealing with the customer, and priorities became fuzzy and customer tickets were just another thing on the backlog.

Fortunately / unfortunately they hit product market fit and sales took off, aggravating customer issues backlog as they prioritized new features to unlock revenue growth.

Joao investigated what was going wrong in creating the customer issues backlog. The number of hoops someone from the Support team had to jump through to get a response from either Engineering or Product was crazy. Even if they wanted to do a good job it was basically impossible as a lot of the issues that were coming up needed someone from Engineering to look at them.

Support had no access to the systems, they were a glorified Static Knowledge Base and, without access to logs, databases and system metrics they couldn’t respond to customer queries. We had a severe lack of tools, that spawned from a lack of trust between the Engineering and Support teams, and the only way forward was to build trust so that we could share access to systems and tools.

The third issue was response times from the Engineering team. From tasks not being responded, or taking weeks/months for a conclusion.

It’s been 5 years since that day Joao began his investigation, reducing their on-going backlog by 94%, reducing the average time to fix a bug from 45 to 5 days, increasing our NPS from -15% to +38%, reducing the amount of new monthly issues raised by 64%, all of this while also growing their user base by a whopping 620%. Check out Joao’s article to learn what he did.

i3Forum. Can operators Restore Trust?

I discovered there’s a carrier initiative attempting to restore trust in international telecoms by having conversations amongst telecom organizations, telcos, their proxies, and national regulators.

The focus is on the spamming of consumers and businesses from international sources. It does not appear to extend to the acts of fraud committed against consumers and businesses from the spamming, SIM swapping, porting out, and phishing.

I’m sadly unsurprised there are no consumer or industry advocacy groups on the board. I’m also sadly unsurprised a broader scope is not adopted beyond telcoland to include cybersecurity, which is also tackling similar problems around identity and spam protections, with more sophisticated tools.

There’s some common names of organizations involved in i3Forum with those in the Messaging Monopolies. Which calls into question the credibility of the organization in tackling spam.

My prediction is after lots of meetings and recommendations, a telco consultancy will be commissioned to do a survey on how great the i3Forum recommendations are and how they’re restoring trust, but more work is required. Its a band-aid to claim something is being done, and like TCR in the US, it’s simply a way to maintain the spam gravy train.

So in answer to the question I asked in the title, can operators restore trust? They could if they tried, but they do not appear to be willing.

TelecomsXChange / OpenTextShield

Open Text Shield (OTS): Open Source Collaborative AI for Enhanced Telecom Messaging Security & Revenue Protection

I know what you’re thinking, what’s revenue protection to do with spam protection? The dirty little secret of most SMS Firewalls is not consumer protection, rather blocking A2P messaging trying to sneak in as P2P. That’s why you see some SMS firewalls structure their deals as revenue share. Imagine that for enterprise firewalls!

This project recognized that aspect of the SMS firewall business and uses the latest developments in FastText and BURT to automate spam protections for any SMSC.

Check out Ameed’s project and get involved. As you can see in the gaps I’ve identified in the i3Forum from a quick look at their website, we need to take the matter into the hands of the innovators and solve it ourselves to protect our children and elderly relatives from the onslaught of spam and phishing.

A Special New Year’s Treat for Johnny Tarone fans. ‘Taronees’?

Over the holidays I plan to create some YouTube shorts of Johnny’s popular phrases. You know the ones I mean, “dirty cop suckers, chuckle chuckle”. Let me know the video link and timecode of the phrases you like and I’ll add them to the youtube shorts.

People, Gossip, and Frivolous Stuff

Florent Stroppa is not the Chief Product Officer at Nodle. He supported the first TADSummit in 2013 in Bangkok, and attended TADSummit 2023 in Paris He’ll also be on the TADSummit Innovator Podcast in the New Year.

Claes Cegrell is now Head of IT Architecture & Roadmaps at Telia Sweden after nearly 33 years in Ericsson. We first met when he was heading up service enablement, he supported TADSummit and TADHack back in 2013 and 2014.

Anand Parikh is now Chief Executive Officer at AirHop Communications. We first met when he led Nokia’s Partner Ecosystem, Advanced Communication Solutions over one decade ago.

Katya Lainé is elected to the Steering Committee at GPAI as Industry expert.

You can sign up here to receive the CXTech News and Analysis by email or by my Substack.

Leave a Reply

Your email address will not be published. Required fields are marked *