Telephony
This is an idea. I haven’t looked at actually doing it yet, but I might.
Mastodon needs complimentary instant messaging and I’ve been thinking about how this might be achieved. XMPP and SIP are great federated protocols and it’s possible to use the same domain used for Mastodon for these through SRV records.
Authentication for XMPP and SIP is based on passwords. Mastodon could be extended to write out password hashes to a database to have one password for each service per device.
Yesterday Ana finished setting up FreePBX for our house, and revived the Cisco SIP phones to make them useful again. Eventphone provides SIP, DECT, GSM and other telephony technologies at hacker events like CCC and also runs a long-running SIP service, known as EPVPN to connect hackerspaces and hackers between events.
We set up our extension as a trunk in FreePBX and could easily test outbound calls, but it was a little more difficult to test inbound calls.
I’ve received an email today from Barclaycard with the following:
“From time to time, to make sure it’s you who’s using your Barclaycard online, we’ll send you a text with a verification code for you to use on the Verified by Visa screen that’ll pop up on your payment page.”
The proprietary nature of mobile phones with the hardware specifications and the software being closed off from inspection or audit and considered to be trade secrets make my phone and my tablet the least trusted devices I own and use.