Messinet Secure Services

Messinet Secure Services is an ever-changing virtual classroom in which I learn about the GNU/Linux platform and all the services it can deliver. These services are the technological incarnation of an idea centered around keeping my family in touch with each other and technology.

Heartbleed & Us

As you probably know by now, Heartbleed is the name for a bug in the OpenSSL cryptography software that, in short, could enable an attacker to steal the private key that was meant to encrypt TLS secured connections. With access to the private key, the attacker could access user names, passwords, and other sensitive data that internet users thought was being transmitted securely.

Messinet Secure Services was one in the estimated 66% of all internet sites using a compromised version of OpenSSL on our public website and email servers. Fortunately, we upgraded our OpenSSL libraries immediately on 2014-04-07 when the announcement was made and the updated packages were available. In order to protect future SSL/TLS internet transmissions, we also revoked the potentially compromised StartSSL certificates, re-keyed, and implemented new certificates on 2014-04-10.

The real problem is that an attacker could access sensitive information from past connections which may have been captured.

While Messinet Secure Services is now properly re-secured, it is critical that users with accounts and passwords at Messinet Secure Services change their passwords. This is the difficult, but final step in the process to overcome the breach created by Heartbleed. If you are one of the affected users, you will receive an email with instructions on how to change your password.

Goodbye EGroupware, Hello Jekyll & Horde!

Behind the scenes, Messinet Secure Services has been working diligently to complete the migration from EGroupware to Horde Groupware to enhance the user experience with web-based services such as calendars, contacts, email, etc. And while it's been eerily quiet on front end, there has been a lot of activity on the back end.

Since that migration was completed a few weeks ago, we have been investigating various website management systems in an effort to replace EGroupware's Site Manager module with something that would allow us to focus on simplicity, standards compliance, and sustainability in terms of our public-facing websites. We have decided to use Jekyll as a formidable replacement which suits our needs and will allow us to simplify our processes. This announcement signifies that the final piece of the puzzle is in place, and we have completed the content migration from EGroupware to Jekyll.

So long, EGroupware, and Thanks for All the Fish!

Asterisk 12.0.0 RPMs for Fedora 19 & 20

Asterisk 12.0.0 has been released and I have prepared RPMs for Fedora 19 & 20. Get them from the mss-testing channel of the Fedora & Enterprise Linux RPM Repository.

With this release, I have increased the level of subpackaging, splitting out the lesser used features of Asterisk to trim down the core installation. See the spec file I used if you are interested in the details. This file is based in large part on the great work of the upstream Fedora packagers.

Leaving the DUNDi E.164 network

I am sad to say that after a long slow decline in usage, Messinet Secure Services is leaving the DUNDi E.164 peer network.

From a high point of over 4,000 calls and 8,700 minutes served in 2008, Messinet Secure Services has only served 12 calls via the DUNDi network in 2013.

There has been a dramatic decline in the number of US-based DUNDi peer nodes, making DUNDi queries less useful to us and adding latency to every call start up. It has also become increasingly difficult to keep our links in the DUNDi cloud free of ENCREJ and Unsupported Context errors as many of us have made significant changes over the years, leading to many non-functioning peer nodes.

I want to thank all of you for your participation, cooperation and support as I have learned a lot through Asterisk & DUNDi peering with each of you.