* You are viewing Posts Tagged ‘open source’

Celebrating Packt Publishing’s 1000 IT titles with an open invitation

Birmingham-based IT publisher Packt Publishing is about to publish its 1000th title. Packt books are well known among IT experts because of their uniqueness and practical orientation, but you’d be forgiven for not yet being in the know – Packt books cover highly specific tools and technologies which you might not expect to see a high quality book on.

Packt is certain that in its 1000 titles there is at least one book that everyone in IT will find useful right away, and are inviting anyone to choose and download any one of its eBooks for free over its celebration weekend of 28-30th Sep 2012. Packt is also opening its online library for a week for free to give customers an easy to way to research their choice of free eBook.

Packt supports many of the Open Source projects covered by its books through a project royalty donation, which has contributed over $4,00,000 to Open Source projects up to now. As part of the celebration Packt is allocating $30,000 to share between projects and authors as part of the weekend giveaway, allocated based on the number of copies of each title downloaded.

Dave Maclean, founder of Packt Publishing:

“At Packt we set out 8 years ago to bring practical, up to date and easy to use technical books to the specialist tools and technologies that had been largely overlooked by IT publishers. Today, I am really proud that with our authors and partners we have been able to make useful books available on over 1000 topics and make our contribution to the development community.”

Total Amount Of Asterisk Installations

Counting any Open Source package is difficult for many reasons. There is probably not a reliable answer to this question since there are at least 4 major “flavors” of Asterisk out there (1.4, 1.6, 1.8, 1.10) and open and commercial source. It is reliably > 10,000 and quite possibly over 100,000 or even over 1 million. The Asterisk folks might be willing to tell you how many downloads have been done from http://www.asterisk.org , but that wouldn’t tell you the real number.

Maybe a good start point for an estimate would start at 200,000+ if you are including all of the versions and types. But then we might still think about the Asterisk boxes that are plugged to the Internet.

Getting a reasonably accurate count maybe would not be that difficult, but everybody is so paranoid about anybody knowing anything about them and what they do.

Some community members, like Danny Nicholas, points out the idea of a ‘curl’ request in the script that starts Asterisk that sends your MAC address and Asterisk version number to Asterisk.org. Personally I think that’s a great idea, as there’s no IP address tracking involved or any other identifying information, just the MAC and cheese. Another important remark is that, being Open Source, you can see exactly what is being sent and could always ‘opt-out.’

Some really useful information could be gathered and displayed like:

  • ‘Popularity’ of different versions.
  • Average time between restarts by version number.
  • Ratio of starts to stops by version number. (The difference between starts and stops could be an indicator crashes.)

Other information that might be helpful to share would be the TDM capacity or maximum simultaneous call count. And all that without really getting ‘compromised’ regarding the shared information. After all, what ‘competitive advantage’ would someone have over you just knowing that Asterisk was started on a box owned by someone, somewhere?

Heap Buffer Overflow in Skinny Channel Driver

In the Skinny channel driver, KEYPAD_BUTTON_MESSAGE events are queued for processing in a buffer allocated on the heap, where each DTMF value that is received is placed on the end of the buffer. Since the length of the buffer is never checked, an attacker could send sufficient KEYPAD_BUTTON_MESSAGE events such that the buffer is overrun.

Now, the length of the buffer is now checked before appending a value to the end of the buffer.

Affected Versions:

  • Product Release Series
  • Asterisk Open Source 1.6.2.x All Versions
  • Asterisk Open Source 1.8.x All Versions
  • Asterisk Open Source 10.x All Versions

Corrected In Product Release:

  • Asterisk Open Source,, 10.3.1

Any one using VICIDIAL?

Hi all, I’m looking at options for installing/writing PBX software and I came across www.vicidial.org which seems to do almost all I need – and is open source and all.

I’d very much like to hear from anyone having experience with VICIDIAL, e.g. using it with different versions of Asterisk (the documentation only mentions * up to 1.6)

Best regards


Kirkestien 20
9230 Svenstrup

Telefon: 3020 0868

Email: binni@itanet.nu
WWW: http://www.itanet.nu


ISAC and Asterisk

Are there any plans to include the ISAC codec in Asterisk? Is it possible or
even desirable? Is ISAC open source (nothing indicates it is from the WebRTC
website http://www.webrtc.org)?

Linux Based Billing and CDR

Hi All,

Do you’ll have any recommendations on a Linux based Customer Management and
Pre-paid Billing system for Asterisk, Freeswitch or Kamalio?
The system should also allow customers to register, login, buy more credit,
view call records, etc.

Commercial or Open-source are ok as long as they run on Linux.