SFSPEAKER

NAME

SYNOPSIS

DESCRIPTION

If requested by setting various environment variables, sfspeaker can publish your identity and Internet address on a Look Who's Listening server. This enables other users, by querying the server, to determine if you're on line. If you have a dial-up Internet connection that assigns you a different host name and Internet address each time you connect, Look Who's Listening permits others to find the address of your current connection, whatever it may be.

You can supply an image of your face (or anything else you like) as a 256 colour Microsoft bitmap (.bmp) file which will be sent to hosts you connect to. If you have the xv image display utility installed on your system, you'll be able to see the face images published by users who connect to you.  

OPTIONS

-areply_file

When a new host connects, sfspeaker will write an executable shell script into the given reply_file containing a command that invokes sfmike to reply to the host. By default, the command is ``sfmike -t $* hostname'', where hostname is the Internet host name or IP address of the connecting host. The user can reply to the host simply by executing the reply_file. You can create a custom reply command by specifying it after the reply_file, separated by a space (be sure to enclose the argument to the -a option in quotes when doing this). The ``$*'' specification allows you to supply additional options to sfmike by including them on the reply_file command line. another host, sfspeaker will execute the specified busy_command to notify the host that the connection was rejected. The busy_command should be enclosed in quotes, and must contain the printf format phrase ``%s'' at the position the IP address of the host originating the rejected connection is to be interpolated. If no busy_command is supplied, a default of: -b"sleep 10; sfmike %s busy.au"
is used. The ten second delay is intended to allow users with half duplex audio hardware to receive the busy signal transmission after sending an initial greeting and switching back to receive mode awaiting a reply. Because the -bf option is used to specify a key for Blowfish encryption (see below), if the first character of your busy command is the letter ``f'', simply quote it and precede it with a space.

-bfkey

The specified key is used to decrypt sound received using the Blowfish algorithm.

-d

Enables debug output from sfspeaker whether requested by the remote copy of sfmike or not.

-econnect_command

When a new hosts connects, the designated connect_command will be executed, with the string ``%s'' replaced by the fully qualified host name of the connecting site. This can be used to auto-reply to hosts which connect.

-ikey

The specified key is used to decrypt sound received using the International Data Encryption Algorithm (IDEA).

-jdelay,idle

Jitter compensation is enabled. This delays playing sound by delay milliseconds to reduce gaps due to irregular packet arrival times. The jitter delay is reset when no sound is received for idle milliseconds. If no idle time is given, twice the delay is assumed. If neither delay nor idle are specified, a one second delay and two second idle time are used. The mininum delay and idle times are 250 milliseconds. Note: jitter compensation requires an audio output driver capable of buffering as many samples as arrive during the specified delay. If the audio driver on your machine cannot perform this buffering, the -j option may yield unintelligible output.

-kkey

The specified key is used to decrypt sound received using a slightly modified version of the Data Encryption Standard algorithm (the initial and final permutations, which do not contribute to the security of the algorithm and exist purely to deter software implementations of DES are not performed).

-mmulti_group

In addition to messages directed specifically to the host on which it is running, sfspeaker will listen for messages sent to the IP multicast group multi_group, which can be specified either as a symbolic group name or as a numeric IP address. Any number of multicast groups can be monitored simultaneously, up to the system maximum (usually 20). If the system on which sfspeaker is running does not support multicast, this option will not be available.

-n

Disables remote ring requests. Sun users who have connected the audio output jack to a higher quality speaker may wish to set this to prevent remote users from diverting audio back to the built-in speaker.

-ofilename

The contents of the specified filename are used as a ``key file'' to decrypt sound data received.

-pport

Causes sfspeaker to listen on the specified port number instead of the default port specified by ``INTERNET_PORT'' in the Makefile.

-q

Quiet--disables debug output from sfspeaker unconditionally.

-r[+]filename

Record all audio received in the named filename in Sun audio file format. This provides a crude ``answering machine'' facility. If you're going to be away from your machine, run sfspeaker with this option so any sound you miss will be recorded in your absence. When you return, play the sound file to hear messages from people who tried to get in touch while you were away. If filename already exists and a plus sign precedes the name, sound is appended to the file rather than overwriting previously saved sound.

-u

Prints how-to-call information.

-vtimeout

When sfspeaker receives a packet from a host it hasn't heard from in timeout seconds, it will attempt to find the host name and print a message on standard error noting the new connection. If the host name can't be found, the numeric IP address is given. After timeout seconds of inactivity a message is issued indicating the host is idle. If no timeout is specified, 180 seconds is used.

-wport

sfspeaker publishes the identity of the machine it is running on and the given port (2074 if none is given), on Look Who's Listening servers as specified by the SPEAKFREE_LWL_xxx environment variables, but does not open network input or listen for packets. This option is used by the Voice on Demand server, sfvod, to identify itself to Look Who's Listening servers.

-youtdev[:ctldev]

This option allows you to override the defaults for the name of the audio output device file (for example /dev/audio) and, optionally, the audio control device file, specified after the output device, separated by a colon. If the first character of either the output or control device specification is a sharp sign, ``#'', the balance is taken as an integer giving the number of an already-open file descriptor in a parent process which is launching sfspeaker. This facility (or, if you like, gimmick) allows programs such as sflaunch to evade the restriction in some audio drivers which support full-duplex but don't permit two programs to simultaneously open the audio device files. This option is not available on Silicon Graphics or other platforms which do not use device files for audio I/O.

-zpass_phrase

When a pgp-encrypted session key is received, pgp is invoked to decrypt it. Decryption requires your RSA private key, for which the pass phrase must be provided. By default, pgp asks you for the pass phrase each time a session is initiated. You can override this by specifying the pass phrase using the PGPPASS environment variable (see the pgp documentation for details and a discussion of the vulnerability this may create) or by using the -z option on speaker to supply the pass phrase. The given pass phrase is then passed to PGP with its own  -z option each time it is invoked. If the pass phrase consists of more than one word, be sure to enclose it in quotes. If no pass phrase is given, sfspeaker prompts you for the pass phrase when it is first invoked. If you're worried about your pass phrase being compromised through specification as an environment variable or command line argument, this allows you to enter the pass phrase only once per execution of sfspeaker. Be aware, however, that sfspeaker continues to pass the phrase to pgp via a command line argument when it is invoked to decode the session key.

LOOK WHO'S LISTENING

To publish your information with a Look Who's Listening server, set the following environment variables before running sfspeaker. As long as you don't set the SPEAKFREE_LWL_TELL variable, no other site will be notified of your use of Speak Freely and remote users will have no way to determine whether you're running sfspeaker or not. If privacy and discretion are important to you, think carefully before publishing your information and if you decide to proceed, what information you supply. Anything you send to a Look Who's Listening site is potentially available to any user on the Internet. Remember that Speak Freely won't disclose anything you don't explicitly request be published.

To enable publication, set the environment variable SPEAKFREE_LWL_TELL to the name of the Look Who's Listening host where you wish to publish your address. A public Look Who's Listening host is currently available at the site lwl.fourmilab.ch. Anybody can create a host simply by installing the sflwld program supplied with Speak Freely; this allows private networks to maintain directories that aren't accessible to users from the Internet at large, or interest groups to create ``meeting rooms'' for those interested in specific topics. If the site uses a port number other than the standard of 2076, you can specify the port number after the host name, separated by a comma.

Setting SPEAKFREE_LWL_TELL to a valid Look Who's Listening host publishes default information about you and your site determined from your password file entry. You can publish your entry on multiple hosts by listing them on the SPEAKFREE_LWL_TELL variable, separated by commas. You can supply more complete and accurate information by setting the environment variable SPEAKFREE_ID to a string of the form:

full name: E-mail address: phone number: location

With most shells you'll have to enclose this specification in quotes. Think about the consequences of making your telephone number and geographical location potentially available to any user on the Internet before you include them on a SPEAKFREE_ID statement. Your E-mail address is the primary means by which others contact you; this should be the address you usually give to individuals who wish to contact you or include, for example, on your business card. It needn't have anything to do with the host and network on which you're running sfspeaker. For example, if you usually give out your E-mail address at work, you might specify jetson@sprockets.com even though you connect to the Internet at home as george@slip3986.terra.ssol.net. Normally, the server will reply to a query with all active sites which contain the query string in either the E-mail address or full name fields. If you precede the E-mail address with an asterisk, only queries which exactly match the E-mail address will return your contact information. This allows dial-up users to allow those knowing their E-mail address to contact them without informing any Internet user who's curious that they're on line. The security-conscious should note that this protection is provided by the Look Who's Listening server, and assumes the site you contact is running an unmodified version of the sflwld program which is operating as intended.

Look Who's Listening uses the Internet Real-Time Protocol (RTP) to communicate with the host running the server. This protocol uses a ``canonical name'' to identify a user and machine so that remote users can usually contact the individual with Unix tools such as finger and talk. sfspeaker creates a canonical name automatically from your user ID and domain name. If no domain name is available, the user ID and Internet (IP) address are used to create a unique name. If for some reason this process yields an unusable canonical name, you can override it by setting the SPEAKFREE_CNAME variable to the canonical name you prefer.  

SHOW YOUR FACE

FILES

BUGS

In order to deliver acceptable (or at least tolerable) performance across international links, sfmike and sfspeaker use ``Internet datagram'' socket protocol which is essentially a ``fire and forget'' mechanism; neither flow control nor acknowledgement are provided. Since sound must be delivered at the correct time in order to be intelligible, in real time transmission there's little one can do anyway if data are lost. Consequently, bogged down lines, transmission errors, etc., simply degrade or destroy the quality of the audio without providing explicit warnings at either end that anything's amiss.

Blowfish, IDEA, DES, and key file options encrypt every sound packet with the same key--no key chaining is performed. (Blowfish, DES and IDEA encryption do, however, use cipher block chaining within each packet.) Chaining from packet to packet would increase security but then loss of any packet would make it impossible to decrypt all that followed.

Certain governments attempt to restrict the availability, use, and exportation of software with cryptographic capabilities. Speak Freely was developed in Switzerland, which has no such restrictions. The DES, MD5, Blowfish, and IDEA packages it uses were obtained from an Internet site in another European country which has no restrictions on cryptographic software. If you import this software into a country with restrictions on cryptographic software, be sure to comply with whatever restrictions apply. The responsibility to obey the law in your jurisdiction is entirely your own.

By default, sfspeaker listens to Internet port number 2074. It is conceivable, albeit unlikely, that this might conflict with some other locally-developed network server. You can specify a different port number with the -p to option, but your sfspeaker won't receive audio from others that use the standard port number. When communicating with other applications using VAT or RTP protocol, you must specify the port on which the other application is sending. RFC 1890 recommends port 5004 as the default port for RTP applications. Many VAT protocol applications default to port 3456.

No verification that the SPEAKFREE_FACE image is actually a 256 colour Microsoft .bmp file is performed. You can, in fact, send an image in any format xv is able to display, as long as you're communicating with another Unix user. But if you supply a non-.bmp file, Speak Freely for Windows won't be able to display the image.  

ACKNOWLEDGEMENTS

Andrey A. Chernov contributed code that enables Speak Freely to build and run on FreeBSD.

Hans Werner Strube contributed code to allow the program to build under Solaris 2.4 without any source changes or need for compatibility modes.

The GSM compression and decompression code was developed by Jutta Degener and Carsten Bormann of the Communications and Operating Systems Research Group, Technische Universitaet Berlin: Fax: +49.30.31425156, Phone: +49.30.31424315. They note that THERE IS ABSOLUTELY NO WARRANTY FOR THIS SOFTWARE. Please see the readme and copyright files in the gsm directory for further details.

The ADPCM compression and decompression code was developed by Jack Jansen of the Centre for Mathematics and Computer Science, Amsterdam, The Netherlands. Please see the readme and copyright files in the adpcm directory for further details.

The linear predictive coding compression algorithm was developed by Ron Frederick of Xerox PARC.

The DES encryption code was developed by Phil Karn, KA9Q. Please see the readme file in the des directory for further details.

The public domain implementation of U.S. Federal Standard 1015 -lpc10 compression algorithm was developed by the United States Department of Defense, National Security Agency (NSA). Please see the README and FAQ files in the lpc10 directory for additional details.

The Blowfish encryption module and the DES encryption library used for encrypting and decrypting VAT and RTP protocol packets were developed by Eric Young. Please see the README and COPYRIGHT files in the blowfish and libdes directory for further details. The Blowfish algorithm was developed by Bruce Schneier and is in the public domain.

The IDEA algorithm was developed by Xuejia Lai and James L. Massey, of ETH Zurich. The implementation used in Speak Freely was modified and derived from original C code developed by Xuejia Lai and optimised for speed by Colin Plumb. The IDEA[tm] block cipher is patented by Ascom-Tech AG. The Swiss patent number is PCT/CH91/00117, the European patent number is EP 0 482 154 B1, and the U.S. patent number is US005214703. IDEA[tm] is a trademark of Ascom-Tech AG. There is no license fee required for noncommercial use. Commercial users may obtain licensing details from Dr. Dieter Profos, Ascom-Tech AG, Solothurn Lab, Postfach 151, CH-4502 Solothurn, Switzerland, Tel +41 65 242 885, Fax +41 65 235 761.

The implementation of MD5 message-digest algorithm is based on a public domain version written by Colin Plumb in 1993. The algorithm is due to Ron Rivest. The algorithm is described in Internet RFC 1321.

The -e option support code and fixes for Linux sound drivers which do not support mu-law encoding were contributed by Jean-Marc Orliaguet.  

SEE ALSO

AUTHOR

John Walker
WWW:    http://www.fourmilab.ch/

All modules of Speak Freely developed by me are in the public domain. See the readme and/or copyright files in the adpcm, blowfish, des, gsm, idea, and libdes directories for conditions of use and distribution of those components. This software is provided ``as is'' without express or implied warranty.

Index

NAME

SYNOPSIS

DESCRIPTION

OPTIONS

LOOK WHO'S LISTENING

SHOW YOUR FACE

FILES

BUGS

ACKNOWLEDGEMENTS

SEE ALSO

AUTHOR