Pros and Cons of using OBiTALK Provisioning and OBiTALK portal for configuration
earthtoobi:
i think this is purely a matter of personal preference based on use case for the device.
by now, we are well aware of advantages and disadvantages of portal vs managing locally.
in my case, even though managing it locally would be just fine, i am still using the portal. this is because of the once in a blue moon scenarios. the other day i had to route calls from certain number when i was away from home. the portal is the best way to do that (unless you want to punch a hole in the home firewall).
so, personally for me while managing it locally would be fine, the portal helps to take care of the unanticipated scenarios.so, for now, i am staying with that option.
DocM:
I believe its mostly a matter of personal preference.
Benefits for direct unit interface:
1) For testing and development purposes, LAN connections are much faster via unit interface. I don't face any lag when altering settings.
2) I also think it might be a security preference as well. As far as I know, the obiportal has not been hacked but if it ever is, obi users who aren't notified or don't change their password could possibly face the chance of thousands of dollars of unauthorized calls. As obi grows, online attacks against obiportal grows. This could result with slower access to obiportal or hijacked accounts. Also, I bet most users who create passwords for their obi account don't create unique passwords. This could mean that users' emails and other online accounts could become vulnerable.
3) Lower network usage. I assume this since the obi device probably wouldn't need to continuously check its connection with obiportal if auto-prov was disabled.
Benefits for obiportal:
1) Ultra easy to setup gv accounts (I haven't tried other sip accounts). In fact, I usually setup my gv accounts via the obiportal before disabling auto-prov for my little experiments.
earthtoobi:
Quote from: DocM on April 03, 2012, 05:16:04 pm
As far as I know, the obiportal has not been hacked but if it ever is, obi users who aren't notified or don't change their password could possibly face the chance of thousands of dollars of unauthorized calls. As obi grows, online attacks against obiportal grows. This could result with slower access to obiportal or hijacked accounts. Also, I bet most users who create passwords for their obi account don't create unique passwords. This could mean that users' emails and other online accounts could become vulnerable.
hacking obi portal is not going to be very useful for placing calls.if you are not using obi app, there is no way to make a call out. you can completely restrict access to obi app(softphone number) if that is the case. changing settings on the portal has nothing to do with initiating calls from your device that would cost "thousands of dollars" as your device is sitting behind a "firewall".
also, SP's today provide ways to limit calls like max minutes per day or drop calls after 'x' mins, restrict to certain countries etc.
on security itself: typically, no website stores your passwords directly in a database. your password along with some obi passphrase is used to hash/encrypt data and then is stored. this way even an employee cannot access your password even if they intend to.
DocM:
Quote from: earthtoobi on April 04, 2012, 08:17:57 am
hacking obi portal is not going to be very useful for placing calls.if you are not using obi app, there is no way to make a call out. you can completely restrict access to obi app(softphone number) if that is the case. changing settings on the portal has nothing to do with initiating calls from your device that would cost "thousands of dollars" as your device is sitting behind a "firewall".
also, SP's today provide ways to limit calls like max minutes per day or drop calls after 'x' mins, restrict to certain countries etc.
Currently, via OBI expert, I can configure obitalk service to receive calls from any obi number I desire and send calls via voice gateways to any obi number I desire. So, if a hacker did manage to obtain access to obi accounts, that hacker should be able to modify the obitalk service to route calls to, for example, a phone line from their personal obi. The phone line could be used to place premium rate calls, incurring charges on the hijacked obi's user.
Quote from: earthtoobi on April 04, 2012, 08:17:57 am
on security itself: typically, no website stores your passwords directly in a database. your password along with some obi passphrase is used to hash/encrypt data and then is stored. this way even an employee cannot access your password even if they intend to.
I have very limited knowledge about how website passwords are stored but I assumed it could be decrypted by hackers since hacked sites would commonly ask users to change their password.
earthtoobi:
Quote from: DocM on April 04, 2012, 12:38:13 pm
Currently, via OBI expert, I can configure obitalk service to receive calls from any obi number I desire and send calls via voice gateways to any obi number I desire. So, if a hacker did manage to obtain access to obi accounts, that hacker should be able to modify the obitalk service to route calls to, for example, a phone line from their personal obi. The phone line could be used to place premium rate calls, incurring charges on the hijacked obi's user.
you are correct. it not only applies for obi number but also numbers configured as part of your SP.
Navigation
[0] Message Index
[#] Next page
[*] Previous page