Update on the TUMe protocol

Yesterday I did a writeup of my first impressions on the TUMe protocol. Today I want to give some more details about the JSON over HTTPS part of the protocol. TUMe definitively uses SIP for signaling.

The JSON protocol is used for the provisioning of the service. For both initial setup as for removal of the service. The protocol is also used for authorizing the application on every startup.

When registering for the TUMe a JSON message is to register your phone number together with your locale. After this some setup is send to setup Apple’s push message service for TUMe. In the meanwhile you will receive a PIN code from TUMe via SMS.

The PIN code and your phone number are then send in a subsequent JSON message meant to validate your phone number. The server replies with a configuration message for the app. The message contains a SIP (over TLS) configuration and some information for authentication. You can see this message below:

Configuration message of TU Me

The TUMe configuration message containing authentication and service (SIP) information.

After this TUMe is ready to rock.

When still in the progress of setting up the service for the first time, the app will send personal information via JSON. Your MSISDN (phone number), screen  name and user id (from the config message) are sent first. After that, when you choose to, your contacts are send to the server.

Every time the application is started it will first authorizes itself via a JSON message. It sends a HTTP request with a basic authentication string and receives an access token in return. I suspect this token is used to setup the TLS connection that is used for SIP signaling.

The app also requests a history from the JSON server but for me this message is always empty. I’m not sure what this message is for.

Canceling the account also goes via JSON, a HTTP DELETE request is send to the server to trigger the account removal.

This concludes the analysis of the JSON RPC protocol.

Advertisements
Posted in telecommunications | Tagged , , , , , , , , , | Leave a comment

First analysis of the TUMe protocol

*UPDATE* more on the JSON part of the protocol.

Today Telefonica release the TUMe App. With this App you can text, talk and share for free. Telefonica launches this as Telco-OTT style.

I won’t go into details about the TUMe App itself or what this means to the telco world. But I was wondering about the protocols that are used and I will do a quick writeup of my findings.

Since I wanted to make traces of the TUMe signaling I first setup mitmproxy for intercepting HTTP traffic. This showed me that for provisioning (setting your name, receiving history, sending the address book, etc.) a JSON protocol is used which is being communicated over HTTPS.

However, calls and messages did not show up in mitmproxy which means that these are not send over HTTP (or at least do not use the system wide HTTP proxy settings in iOS).

To see all the traffic that is send by my iOS device I would have to sniff in the middle or trace on my device itself. Since I have jailbroken my device I did the latter. I installed tcpdump on my iPhone and did a trace while I was sending text messages with TUMe.

At first I started looking for the obvious, SIP or XMPP messages that are send over the default SIP and XMPP ports but I found none. Than I looked for traffic to unknown IP addresses. This was made easy since all HTTP traffic was still going via my mitmproxy. I noticed that there was traffic that was marked as HTTPS that was not send via the proxy. I found this traffic suspicious because when it would use iOS HTTP APIs it should end up being send via the HTTP proxy.

Analysis of this data stream showed a TLS connection is being setup. Because of the TLS encryption the protocol itself is not revealed but the TLS setup shows that a server certificate belonging to Jajah.com is being used.

Wireshark shows the Jajah certificate

Jajah is a Telefonica owned company that offers a range of products. Some are SIP based, others not. So from this trace it is clear if TUMe is a SIP or RCSe client. Although suggesting it triggers a reaction that it might very well be SIP… The TCP port being used is, however, not a SIP port but port 443 (HTTPS).

So what is the conclusion? To me (pun intended) it is not clear what protocol is being used for signaling, although the reaction on Twitters seems to acknowledge that it is SIP over TLS on port 443 (HTTPS). Some stuff is being done out-of-band via a proprietary JSON over HTTPS protocol. To me this sounds like TUMe is not a RCSe client but a proprietary client. This is fine since TUMe is OTT anyway so there is no need to federate with anyone.

Posted in telecommunications | Tagged , , , , , , , , , , | Leave a comment

How to use XMPP SASL EXTERNAL with Node.js

Almost a year ago I came across Node.js for the first time. Without going into details I must admit that a kind of like it. It has been useful to me in various projects. I especially like it for rapid prototyping or for creating some temporary service that is useful within a development environment. Like every framework, Node.js has some issues. Personally I don’t like for larger, more complex, projects.

But… This post is not about Node.js. I wanted to give a brief introduction because I never blogged about Node.js before.

The post is about using SASL EXTERNAL in node-xmpp, a Node.js module for XMPP communication. For a project that I am a part of I investigated certificate based authentication to an XMPP server. I found the node-xmpp module to be the best available XMPP module for Node.js out there but it didn’t support the EXTERNAL authentication scheme as describe in XEP-0178, so I decided to add it myself.

SASL EXTERNAL is not used widely in the XMPP world. There are only a few clients and servers supporting it (as far as I know of). Openfire and Prosody support EXTERNAL for client to server authentication on the server side. Since I was already running an Openfire server I decided to give it a try on that.

To get stuff working I went trough the following steps:

  1. Create a test certificate authority (CA) and configure Openfire to use the EXTERNAL authentication mechanism
  2. Pull node-xmpp from the git (EXTERAL will hopefully be part of the 0.4 release of node-xmpp)
  3. Create a test client
  4. Test if it works

I will go through these steps in more detail below.

Create a test CA and configure Openfire

On the Pidgin wiki I found a walkthrough that guided me to most of these steps. I am not going to repeat these steps but I will give some pointers to solve issues I ran in to:

  • Configure Openfire first. Openfire will create a client.trustore when it is restarted
  • Restart Openfire after adding the CA key to the keystore
  • The property sasl.mechs should have a comma separated list of SASL mechanisms as the value. For example: EXTERNAL,DIGEST-MD5,PLAIN,CRAM-MD5
  • Create a test CA. Convert the public certificate of the CA to x509 and import it into the client.trusttore. After that create certificate/key pair for each user and sign the certificates with the CA.

Pull node-xmpp from the git

That is simple, just issue:


git clone git://github.com/astro/node-xmpp.git

Create a test client

I did that piece of work already, just copy my echo_bot_sasl_external.js gist.

Finally, test if it works

If you are using the test script from my gist you should copy the key and certifiate of your test user to the folder the script is in. The key file should be called key.pem and the certificate should be called cert.pem.

To connect via starttls run:

node echo_bot_sasl_external.js --jid=user@domain.com

To use the legacy SSL port run:

node echo_bot_sasl_external.js --jid=user@domain.com --server=domain.com --legacy_ssl

Thats it.

Posted in programming | Tagged , , , , , | Leave a comment

Google Maps icons and circles revisited

Recently I needed to add icons and circles to a Google Map. My colleague Jan Sipke did a nice write up on this topic a couple of years ago. Unfortunatly things did change since then. Google released a new version of the Maps API (3.8 at the time of writing) and the resources that were used in his writeup moved to new locations. That why I decided to write an update on his story.

I wanted to achieve something like this:

I downloaded the icon from the same source as Jan Sipke did: The Map Icons Collection.

Only the site moved to a new location. The site features a great set of nice icons you can use on Google Maps. Check them out!

I used Matt Williamson’s Google Maps Circle Overlays to draw the circles. This script uses miles for the radius of the circle. I wanted to use kilo meters and made a simple function that converts kilo meters into miles.

The following code wraps this all up into the result I was looking for:

<!DOCTYPE html>
<html>
  <head>
    <title>Google Maps icons and circles revisted</title>
    <script type="text/javascript"
      src="http://maps.google.com/maps/api/js?key=YOUR_KEY&sensor=false"/>
    <script src="scripts/maps.google.circleoverlay.js"
      type="text/javascript"/>

    <script type="text/javascript">
      var IconsAndCircles = {
        map: null,
        KMS_THAT_MAKE_A_MILE: 1.609344,

        /* converts a distances in kilo meters into miles */
        kmToMiles: function(distanceInKm) {
          return distanceInKm / this.KMS_THAT_MAKE_A_MILE;
        }

        /* show a maker on the map */
        showMarker: function(point) {

          // create a marker with an icon
          marker = new google.maps.Marker(
            {position: point, map: map, icon: 'res/wifi.png'}
          );

          // Create and add a circle for 200 meters
          new CircleOverlay(
            map, point, this.kmToMiles(0.2),
            "#0000FF", 0, 1, '#0000FF', 0.10
          );

          // Create and add a circle for 50 meters
          new CircleOverlay(
            map, point, this.kmToMiles(0.05),
            "#0000FF", 0, 1, '#0000AA', 0.25
          );
        },

        /* loads the map */
        load: function() {
          // Create Map
          var center = new google.maps.LatLng(52.026129,4.357066);
          map = new google.maps.Map(document.getElementById("map"), {
              center: center,
              zoom: 16,
              mapTypeId: google.maps.MapTypeId.ROADMAP
          });
          this.showMarker(map.getCenter());
        }
      };
    </script>
  </head>
  <body onload="IconsAndCircles.load()">
    <div id="map" style="width: 100%; height: 500px; border: 1px solid #666666;"/>
  </body>
</html>

After I wrote this code I found that Google also offers a way to create circles on a map in the Maps API. You might want to check out their example as well.

Posted in programming | Tagged , | Leave a comment

What is this that stands before me …

Ozzy Osbourne wailing this line in 1970 demarcated the birth of heavy metal. Lately this line also springs to mind when I read about the latest “discoveries” in service delivery paradigms presented by telecom operators.

To them, it still seems to be the middle ’90s when the Internet was regarded to be an interesting experiment that would soon erode and be replaced by the constellations developed by the telecom industry. And while no one still argues that the Internet Protocol should by replaced by the much more powerful Asynchronous Transfer Mode (ATM) when it comes to service provisioning the telco industry still dreams up very complex service delivery platforms. And yes, from an academic approach that would be the way to go. But apparently telcos lack the power to execute such a strategy. Location-based services and the corresponding service architectures were a new and coming thing in the late 1990s. Had the industry acted on it at the time, the telcos could have been today’s Google. However, instead of bringing the idea to market the industry discussed for over a decade what would the business model and what would be the technology to deliver LBS. Would it be SOAP? Or would it be CORBA? Or maybe, yet something else.

Meanwhile, Google did what at the time everyone believed to be impossible, they paid people to drive around the globe and collect information about cell coverage. Suddenly, the information that telcos believed to be pure gold had evaporated because Google provided it for free. But instead of learning from this experience, the telco industry apparently think they have only lost a battle and not the war and dream up exciting new services such as the Rich Communication Suite.

What is this that stands before me? Well, being a former Bellhead myself I hate to admit it, but it might very well be a herd of dinosaurs.

Posted in Uncategorized | Leave a comment

Grep lines before and after matched line

The command grep is really useful for finding matches of a certain word in files or streams. However, until recently I didn’t know how to display lines before and after the matched line(s).

Let’s say we have a file named test.txt that contains the following content:

ALICE was beginning to get
very tired of sitting by
her sister on the bank
and of having nothing to do:
once or twice she had peeped
into the book her sister was reading,
but it had no pictures or conversations in it,
"and what is the use of a book," thought Alice,
"without pictures or conversations?'

If we use grep to find lines matching “bank”, we write:

grep bank test.txt

and get:

her sister on the bank

If we want to list some line(s) before the matched line, we write:

grep -B1 bank test.txt

where the 1 denotes the number of lines to list, and get:

very tired of sitting by
her sister on the bank

If we want to list some line(s) after the matched line, we write:

grep -A2 bank test.txt

where the 2 denotes the number of lines to list, and get:

her sister on the bank
and of having nothing to do:
once or twice she had peeped

The two options can be combined as well, but I leave that as an exercise to the reader :-).

Posted in programming | Tagged | 1 Comment

Temperature graphs

In a previous article we looked at remote measurement of temperature and humidity. Now it is time to show the results of the temperature measurements. First a recap of the setup:

Three remote temperature and humidity sensors are located in the living room, the garage and outside. The following graph shows the output of about 1 week:

As you can see, the garage is not isolated very well. The temperature in the garage is quite similar to the temperature outside. If the weather predictions are correct, we will see temperatures below 0 degrees centigrade soon. Finally a test for the parsing of negative values!

Luckily, the isolation of the living room is much better than that of the garage. During the night the temperature drops only 2 degrees from 20 to 18, even though the thermostat is programmed to keep the temperature above 15 degrees. The spikes to about 25 degrees are a result of the placement of the sensor in the living room: early in the afternoon, the sun sometimes shines directly on it.

Posted in programming | Tagged , | 1 Comment