CipherSpeak Research

Jackbox

Jackbox

Active Member
Jan 2, 2016
197
96
74
Firstly, I want to convey the importance of planning and research to deliver superior quality.

For this I will be announcing what TeamSpeak and Discord use:
https://support.discord.com/hc/en-u...744612-Implement-newest-version-of-Opus-v1-3- - at a point Discord had improvements to Opus.
"Enabling the spec fixes in RFC 8251 by default"

"If Discord could transmit in stereo, and at a little higher quality, it would be a FORMIDABLE tool for music producers to work with each other remotely!" - having a music mode may be of use to some folks, even maybe for a charge to unlock that superb level of quality. The steeper bitrates are more taxing after all.

TeamSpeak uses BouncyCastle - https://github.com/bcgit/bc-csharp/tree/1cdf80bc3f540b5531c158dacf4d67976b028fef --- https://www.bouncycastle.org/ .. I think this is overkill and pretty retarded (kindly).

Below quite is sourced from "pretty retarded" href.
Now, I’m not the sort of person to resort to ad-hominem attacks, but when I read an article “Why Do Java Developers Like to Make Things So Hard” (no, I’m not linking, find it yourself) and one of the actual attacks is on myself and my co-developers, well, I feel that deserves a response.
This is what I am pissed about;
Immediately, I ran into the thing I hate most about Java developers. They (as a group) are in love with how clever they can be. The Bouncy Castle code was a morass of Factories, multiple different classes that needed to be configured in order to make everything work right, and even at that I couldn’t get it to work after a day of messing around. The mantra in Java seems to be to never hardwire anything, so that in the hypothetical “someday”, you can rip out class X and put in class Y by just adding a Factory. The end result however, is code that’s confusing to use, hard to maintain, and never seems to be very well documented.
First I’ll share a few things. BouncyCastle is a set of Java cryptographic API’s that implement base algorithms (like AES, DES, MD5) and also includes a bunch of extras like S/MIME and PGP. So, there’s a lot of code there. What’s more it’s been implemented in such a way that the majority of the functionality can run on the J2ME platform as well as be conformant to the Java JCE. And it’s all free. Completely free, more free than the GPL free.
Now, to be completely clear. Fuck you James. We aren’t in love with how clever we are. We do something and give it away so other people can benefit. We do what we do because we enjoy the community and the joy of writing code. Much of the code is a “morass of Factories” because that’s what is required. Using the high level abstractions such as the JCE require that. For our provider to be conformant with the JDK JCE it is required. To get the code to work with the variety of implementations (especially things like IE, Mozilla, PGP, GPG) there needs to be higher levels of abstractions. And the PGP implementation is new, and what’s more the PGP specification is broken and confusing and implemented many different ways. Of course, you don’t care about that. You only care if it worked for you. And what’s more you only care if it worked for you in the time you were willing to spend. Clearly your knowledge of security and crypto is very limited which was also inhibiting your ability to solve your problems. But that didn’t stop you flaunting that ignorance and masking that with an attack.
And onto the specifics. James was trying to use the newly created PGP libraries. Now, we’re the first to admit that we’re not perfect, and the PGP libraries are pretty new and there are bugs in the implementation as we find all the corner cases that exist in the PGP world. However James couldn’t get it to work at all. Now, that’s not a crime as some of this stuff is pretty confusing. So, James asked a question on the mailing list. For 2 days there were responses from the BC developers trying to help James sort out his problem. And then, without a word of thank-you, he’s gone. All of this can be seen in the BC mailing list archives. It turns out it was all too hard for James, so he went and found a Perl library.
As to documentation, well, that’s a perennial problem. One that we’re aware of, but it seems that most people can resolve that issue by themselves without having to attack the project in a public forum. There are examples, but they only cover the most basic operations. Most of the issues on the mailing list have pointed to the difficulty in selecting the correct keys from the PGP keyrings (which appeared to be James’ problem). Interestingly in the latest beta the examples are expanded to show better how to select keys, hopefully that will help people better.
Most of the people who have used the libraries have sorted it out with a minimum of fuss, and not felt the need to have a screaming hissy fit in public about how hard it is. I suppose that says more about the ability of James Turner than it does about the complexity of the libraries, and how certain people feel about taking from an open source project rather than being part of the project. For the benefit of the BC mailing list and the majority of the people who’ve used our libraries, I thank you for your patience, kind words and feedback. You are all the ones that make it worthwhile. I hope that James doesn’t need help from too many other open source projects from here on in, because I’m not sure he’s going to be too welcomed.
I’d be interested to hear from other BC users. Do you all feel the same as James Turner ? Are we nothing more than just a group who are in love with how clever we are ? Or is there some value provided by the project that it’s worth spending some time asking questions on the mailing list, getting help ?
Click to expand...

@Splamy made a neat project: https://www.nuget.org/packages/Splamy.TSLib/

... okay enough about all these stupid proprietary apps, onto the true Internet gold:

UDP socket connection over WAN

UDP socket connection over WAN
en.sfml-dev.org en.sfml-dev.org

Frequently Asked Questions (SFML / Learn)

www.sfml-dev.org www.sfml-dev.org
tools.ietf.org

RFC 7604: Comparison of Different NAT Traversal Techniques for Media Controlled by the Real-Time Streaming Protocol (RTSP)

This document describes several Network Address Translator (NAT) traversal techniques that were considered to be used for establishing the RTP media flows controlled by the Real-Time Streaming Protocol (RTSP). Each technique includes a description of how it would be used, the security...
tools.ietf.org tools.ietf.org
tools.ietf.org

RFC 5128: State of Peer-to-Peer (P2P) Communication across Network Address Translators (NATs)

This memo documents the various methods known to be in use by applications to establish direct communication in the presence of Network Address Translators (NATs) at the current time. Although this memo is intended to be mainly descriptive, the Security Considerations section makes some purely...
tools.ietf.org tools.ietf.org

A lot of neat intel from IETF materials, like this:
Code: 
6.1.  Lack of Authentication Can Cause Connection Hijacking

   Applications must use appropriate authentication mechanisms to
   protect their connections from accidental confusion with other
   connections as well as from malicious connection hijacking or
   denial-of-service attacks.  Applications effectively must interact
   with multiple distinct IP address domains, but are not generally
   aware of the exact topology or administrative policies defining these
   address domains.  While attempting to establish connections via
   TCP/UDP hole punching, applications send packets that may frequently
   arrive at an entirely different host than the intended one.

Continuing on to other Internet findings:
github.com

rfcs/text/0008-udp-hole-punching/0008-udp-hole-punching.md at master · maidsafe/rfcs

Request for Comment (RFC) papers and discussions on Project SAFE core libraries and APIs - maidsafe/rfcs
github.com github.com

Multi-threading required for client and server, and thoughts on a proposed setup

Multi-threading required for client and server, and thoughts on a proposed setup
en.sfml-dev.org en.sfml-dev.org
github.com

GitHub - ckennelly/hole-punch: A simple UDP-based NAT hole punching example for C.

A simple UDP-based NAT hole punching example for C. - ckennelly/hole-punch
github.com github.com
github.com

hole-punch/client.c at master · ckennelly/hole-punch

A simple UDP-based NAT hole punching example for C. - ckennelly/hole-punch
github.com github.com
github.com

hole-punch/server.c at master · ckennelly/hole-punch

A simple UDP-based NAT hole punching example for C. - ckennelly/hole-punch
github.com github.com
github.com

hole-punch/README.md at master · ckennelly/hole-punch

A simple UDP-based NAT hole punching example for C. - ckennelly/hole-punch
github.com github.com

Boost C++ Libraries

www.boost.org www.boost.org
github.com

ckennelly - Overview

ckennelly has 37 repositories available. Follow their code on GitHub.
github.com github.com
anyconnect.com

STUN, TURN, and ICE NAT Traversal Protocols | AnyConnect

AnyConnect pioneered the STUN, TURN, and ICE NAT Traversal protocols. Read how STUN (Session Traversal Utilities for NAT), TURN (Traversal Using Relays around NAT) and ICE (Interactive Connectivity Establishment) work here.
anyconnect.com anyconnect.com
levelup.gitconnected.com

WebRTC: the ICE Framework, STUN and TURN Servers

WebRTC (Web Real Time Communication) is an open source project enabling the creation of peer-to-peer (P2P) audio and video communications…
levelup.gitconnected.com levelup.gitconnected.com
github.com

GitHub - cracker0dks/nodeJsVoip: A simple nodeJs Websocket VOIP application without the use of WebRTC

A simple nodeJs Websocket VOIP application without the use of WebRTC - cracker0dks/nodeJsVoip
github.com github.com

Peer connection: audio only

WebRTC code samples
webrtc.github.io webrtc.github.io
bloggeek.me

The Challenging Path to WebRTC H.264 Video Codec Hardware Support

WebRTC H.264 hardware acceleration is no guarantee for anything. Not even for hardware acceleration. There are challenges you'll need to consider going in this route.
bloggeek.me bloggeek.me
talkroute.com

Why Talkroute Is Using WebRTC to Go Beyond Old-School VoIP

Here's why Talkroute is using WebRTC to go beyond old-school VoIP & why that can make your business communications faster, stronger, and simpler.
talkroute.com talkroute.com
stackoverflow.com

webRTC: How to tell Opus codec to use super wide band/full band

I am working on a webRTC web application which works wonderfully so far. What I have not figured out yet is how to tell the Opus codec to (force) use "full band", for example. Setting the codec up...
stackoverflow.com stackoverflow.com

Apple
websitebeaver.com

CallKit iOS Swift Tutorial for VoIP Apps (Super Easy)

If you're making a video chat or audio chat app, you can give your users a much better experience by using iOS CallKit. By the end of this Swift tutorial you'll learn how to make it so that when a user tries to start a video chat or audio chat with a friend, the native iOS Call Screen will show...
websitebeaver.com websitebeaver.com
developer.apple.com

VoIP Calling | Apple Developer Documentation

Initiate calls and search the user’s call history.
developer.apple.com developer.apple.com

Getting Started with the Voice iOS SDK | Twilio

Learn how to get started Programmable Voice for iOS and add Voice over IP (VoIP) to your iOS application.
www.twilio.com
stackoverflow.com

How to encode and decode Real-time Audio using OpusCodec in IOS?

I am working on a app which has following requirements : Record real time audio from iOS device (iPhone) Encode this audio data to Opus data and send it to server over WebSocket Decode received d...
stackoverflow.com stackoverflow.com
https://developer.apple.com/forums/thread/127317 "I try to build VoIP application on iOS with echo cancellation. For AEC as I understand I need to use Audio Units. The main problem is how to use AVAudioConverter to encode microphone data to Opus?"

New Features in Voice iOS 3.0

www.twilio.com www.twilio.com

ABTO Software VoIP SIP SDK for iPhone

Features of ABTO Software VoIP SIP SDK for iPhone.
voipsipsdk.com voipsipsdk.com

QuickBlox Docs

Guides for easy integration of QuickBlox messaging and video chat SDKs & API across iOS, Android, JavaScript, React Native, and Flutter. See our docs to build and iterate with QuickBlox quickly.
quickblox.com quickblox.com


Android

Getting Started with the Voice Android SDK | Twilio

Learn how to add voice communications to your mobile applications with Twilio's Programmable Voice API in this Twilio Voice Quickstart for Android.
www.twilio.com

Android SDK Tutorials | Sinch

Learn more about the Android SDK by following these tutorials.
developers.sinch.com developers.sinch.com
developer.android.com

Build a calling app | Connectivity | Android Developers

developer.android.com developer.android.com
https://medium.com/rahasak/opus-codec-for-android-voip-application-7cfe7cd3dd9b (scala and akka)
https://www.zoiper.com/en/support/answer/for/android/15/Audio_codecs - "When the call starts, Zoiper will send its preferred codecs list to the server. The other side will do the same. The first matching codec will be used."

As we can see, there are many ways to work through developing a solution for ICE: STUN/TURN/signaling - WebRTC. So many ways to develop, using SDKs, libraries, frameworks, and various online sources to borrow snippets or use them as encouragement for shaping how you will code a solution.

Long story short, developing software is not hard. It just takes time and deciation!
 
Jackbox

Jackbox

Active Member
Jan 2, 2016
197
96
74
You must log in or register to reply here.
Top