Wireshark: Facetime on Iphone 4: Vanilla unencrypted STUN and SIP (opens in new tab)

(blog.roychowdhury.org)

54 pointspmikal15y ago17 comments

17 comments

14 comments · 6 top-level

patrickaljord15y ago· 5 in thread

Why is "unencrypted" considered a good thing? I find it kind of scary especially for a video conference app.

It's much easier to add encryption to an unencrypted channel than it is to interoperate with a fully encrypted one. As a user you might be more interested in encryption as soon as possible, but to the average HN reader an unencrypted standards-based stack is good news!

jallmann15y ago

Your phone calls aren't point-to-point encrypted, either.

eli15y ago

No, not end-to-end, but they are encrypted between your phone and the cell tower.

It's considerably more secure than an open wifi network.

1 more reply

drewcrawford15y ago

Remember all those scandals where politicians sent sexy texts to people they weren't supposed to? Video looks a lot better on the evening news.

Cue first FaceTime scandal in 3, 2...

1 more reply

mattparcher15y ago

I may be missing something, but isn’t he saying that the FaceTime call, once initiated by a traditional phone call, is encrypted?

“Only the call part is Vanilla SIP. The procedure for registering a Facetime user into their servers etc. is all non-SIP, encrypted/ciphered.”

jallmann15y ago· 1 in thread

Hopefully once Apple "opens" up facetime, they will also enable calls outside the Facetime network. Otherwise the who's and what's of connecting to their registrar will probably be no better than the App Store situation today (eg, I'm sure gateways will be forbidden).

edit: Although the identifying info from those screenshots is scrubbed, the comments say the R-URI is basically user@ip:port. This is interesting: there's no SIP proxy in between. No wonder it only works over wifi.

andrewtj15y ago

Although the identifying info from those screenshots is scrubbed, the comments say the R-URI is basically user@ip:port. This is interesting: there's no SIP proxy in between.

Unfortunately I see "Bandwidth Limit Exceeded" when I go to that page but your comment makes me wonder whether they are doing SIP URI discovery via DNS-SD[1] given their penchant for DNS-SD.

[1] http://tools.ietf.org/html/draft-lee-sip-dns-sd-uri-03 (ignore the stuff about mDNS and substitute Wide-area Bonjour)

michaelbuckbee15y ago· 1 in thread

Since Facetime is running SIP over WiFi, does AT&T still charge you minutes for a Facetime call or is that only for the non-facetime portion of the phonecall?

mattparcher15y ago

Apparently no:

“The voice call ends as soon as the FaceTime call connects... the FaceTime call is over Wi-Fi so does not use carrier minutes.”

http://news.cnet.com/8301-13579_3-20008289-37.html

gsiener15y ago· 1 in thread

Does anyone think they're trying to figure out IPv6 to make this work over 3G?

wmf15y ago

What does one have to do with the other?

pat2man15y ago

Its actually a little more complicated than that:

http://www.packetstan.com/2010/07/special-look-face-time-par...

yesbabyyes15y ago

This is cool. This, Google Voice and Sipdroid on my Desire (which lets you route all calls, automatically, to the SIP provider of you choice, either on Wi-Fi only or 3G as well) makes me feel good about the future of telephony.

j / k navigate · click thread line to collapse

17 comments

14 comments · 6 top-level

patrickaljord15y ago· 5 in thread

Why is "unencrypted" considered a good thing? I find it kind of scary especially for a video conference app.

ynniv15y ago

jallmann15y ago

Your phone calls aren't point-to-point encrypted, either.

eli15y ago

No, not end-to-end, but they are encrypted between your phone and the cell tower.

It's considerably more secure than an open wifi network.

1 more reply

drewcrawford15y ago

Remember all those scandals where politicians sent sexy texts to people they weren't supposed to? Video looks a lot better on the evening news.

Cue first FaceTime scandal in 3, 2...

1 more reply

mattparcher15y ago

I may be missing something, but isn’t he saying that the FaceTime call, once initiated by a traditional phone call, is encrypted?

“Only the call part is Vanilla SIP. The procedure for registering a Facetime user into their servers etc. is all non-SIP, encrypted/ciphered.”

jallmann15y ago· 1 in thread

andrewtj15y ago

Although the identifying info from those screenshots is scrubbed, the comments say the R-URI is basically user@ip:port. This is interesting: there's no SIP proxy in between.

Unfortunately I see "Bandwidth Limit Exceeded" when I go to that page but your comment makes me wonder whether they are doing SIP URI discovery via DNS-SD[1] given their penchant for DNS-SD.

[1] http://tools.ietf.org/html/draft-lee-sip-dns-sd-uri-03 (ignore the stuff about mDNS and substitute Wide-area Bonjour)

michaelbuckbee15y ago· 1 in thread

Since Facetime is running SIP over WiFi, does AT&T still charge you minutes for a Facetime call or is that only for the non-facetime portion of the phonecall?

mattparcher15y ago

Apparently no:

“The voice call ends as soon as the FaceTime call connects... the FaceTime call is over Wi-Fi so does not use carrier minutes.”

http://news.cnet.com/8301-13579_3-20008289-37.html

gsiener15y ago· 1 in thread

Does anyone think they're trying to figure out IPv6 to make this work over 3G?

wmf15y ago

What does one have to do with the other?

pat2man15y ago

Its actually a little more complicated than that:

http://www.packetstan.com/2010/07/special-look-face-time-par...

yesbabyyes15y ago

j / k navigate · click thread line to collapse