For three or four endpoints all within the home, you could do this with just ATAs and not even need a SIP server. Many ATAs have a configurable "dial plan" that will let you map a number to an IP address, thus giving you the ability to call the other terminals directly within the LAN.
Janky is directly proportional to cost. Grandstream are the jankiest and least expensive. I like the Cisco 191; it is a fine unit but costs about $100-120.
Making it easy to buy stuff from them definitely helps their bottom line. Unfortunately the few companies I've wanted to buy from but their website was horrible and made me go elsewhere, either completely ignored or dismissed my complaints about having just lost a customer.
Carriers both land/VoIP and wireless must attest to having fraud mitigation measures; this is the "Robocall Mitigation Database" and in Cape's record they exempt themselves from STIR/SHAKEN attestation but state they have measures to prevent fraudulent calling. (which is required for them to be permitted to operate)
What kind of measures are possible to prevent fraudulent calls when the caller is your anonymous customer? The answer is obviously "none," unless you respond to every complaint by terminating service of the offending customer and hoping they don't come back.
> What kind of measures are possible to prevent fraudulent calls when the caller is your anonymous customer?
Presumably some fairly basic heuristics would be sufficient. Robocalling isn't economically viable if you only get a few calls per subscription. You need to place (I assume) at least thousands of calls per day per subscription for it to even begin to make sense. Any account doing that is going to be blindingly obvious provided you have even 30 minutes worth of logs.
I can already walk into Walmart and purchase a cheap prepaid device with cash. That's pretty close to anonymous.
In 2021 I speculated on IP and acquired a /23 block by ARIN wait list. I figured on running some services from the IP space for a while and after the 5 years mandated wait time would cash in when surely it would fetch $100k from some party desperate for IPv4.
At this point the services I am running are far more lucrative than the IP space itself is turning out to be.
Around 2010 I ditched Perl for PHP because I had been using PHP for web and could write the same systems scripts in PHP as I used to write in Perl. Sticking with one go-to language is easier on the brain.
> It is unfair to blame Cloudflare (or AWS, or Azure, or GitHub) for what’s happening
> Ultimately end-users don’t have a relationship with any of those companies. They have relationships with businesses that chose to rely on them
Could you not say this about any supplier relationship? No, in this case, we all know the root of the outage is CloudFlare, so it absolutely makes sense to blame CloudFlare, and not their customers.
Don't we say that about all supplier relationships? If my Samsung washing machine stops working I blame Samsung. Even when it turns out that it was a broken drive belt I don't blame the manufacturer of the drive belt, or whoever produced the rubber that went into the drive belt, or whoever made the machine involved in the production of this batch of rubber. Samsung choose to put the drive belt in my washing machine, that's where the buck stops. They are free to litigate the matter internally, but I only care about Samsung selling me a washing machine that's now broken
Same with cloudflare. If you run your site on cloudflare you are responsible for any downtime caused to your site by cloudflare
What we can blame cloudflare for is having so many customers that a cloudflare outage has outsized impact compared to the more uncorrelated outages we would have if sites were distributed among many smaller providers. But that's not quite the same as blaming any individual site being down on cloudflare
If I'm paying a company that chose Cloudflare, and my SLA with that company entitles me to some sort of compensation for outages, then I expect that company to compensate me regardless of whose fault it is, and regardless of whether they were compensated by Cloudflare. I can know that the cause of the outage is Cloudflare, but also know that the company that I'm paying should have had a backup plan and not be solely reliable on one vendor. In other words, I care about who I pay, not who they decide to use.
Devil’s advocate: I operate the equivalent of an online lemonade stand, some shitty service at a cheap price offered with little guarantees (“if I fuck up I’ll refund you the price of your ‘lemonade’”) for hobbyists to use to host their blog and Visa decides to use it in their critical path. Then this “lemonade stand” goes down. Do you think it’s fair to blame me? I never chose to be part of Visa’s authorization loop, and after all is done I did indeed refund them the price of their “lemonade”. It’s Visa’s fault they introduced a single point of failure with inadequate compensation schedules in their critical path.
Absolutely, yes. Where's your backup plan for when Visa doesn't behave as you expect? It's okay to not have one, but it's also your fault for not having one, and that is the sole reason that the lemonade stand went down.
> Where's your backup plan for when Visa doesn't behave as you expect?
I don’t have (nor have to have) such a plan, I offer X service with Y guarantees paying out Z dollars if I don’t hold up my part of the bargain. In this hypothetical situation if Visa signs up I assumed they wanted to host their marketing website or some low-hanging fruit, it’s not my job to check what they’re using it for (in fact it would be preferable for me not to check, as I’d be seeing unencrypted card numbers and PII otherwise).
The person above who replied to you thinks you're talking about a proverbial lemonade stand taking payments via Visa. That's the misunderstanding.
That aside, I think the example is good. It's a bit like priority inversion in scheduling. With no agreement from the lemonade seller they've suddenly changed greatly in terms of their criticality to some value creation chain.
Later today or tomorrow there's going to be a post on HN pointing to Cloudflare's RCA and multitudes here are going to praise CF for their transparency. Let's not forget that CF sucks and took half the internet down for four hours. Transparency or no, this should not be happening.
Alot of things shouldnt be happening. Fact is that no one forced half the internet to make CF their point of failure. The internet should ask themselves if that was the right call
reply