Want basic VOIP supplier that works with text mode browser

I'm trying to set up a VOIP account from my boat in Belgium (though I
am a UK resident). I want a UK number and thus need to login from my
UK computer (which I can access via SSH) using a text mode browser
such as lynx or w3m. At the moment I can't find a supplier who will
play ball properly.

I've tried SIPdiscount and Sipgate but neither works properly with a
text mode browser.

--
Chris Green

tinnews@isbd.co.uk wrote:
> I'm trying to set up a VOIP account from my boat in Belgium (though I
> am a UK resident). I want a UK number and thus need to login from my
> UK computer (which I can access via SSH) using a text mode browser
> such as lynx or w3m. At the moment I can't find a supplier who will
> play ball properly.
>
> I've tried SIPdiscount and Sipgate but neither works properly with a
> text mode browser.

I know you're asking for other supplier to try with lynx or whatever,
but why not create an SSH tunnel for port 80 (and/or 443) from your UK
PC to whatever site you wish, then point your web browser at your boar
PC's local IP address ...

tinnews@isbd.co.uk wrote:
> I'm trying to set up a VOIP account from my boat in Belgium (though I
> am a UK resident). I want a UK number and thus need to login from my
> UK computer (which I can access via SSH) using a text mode browser
> such as lynx or w3m. At the moment I can't find a supplier who will
> play ball properly.

What do you need to do with the text only browser? For example, I imagine
paying for anything will require the 3DSecure dance, and thus will need the
support of <iframes>, redirects, etc.

> I've tried SIPdiscount and Sipgate but neither works properly with a
> text mode browser.

Voipgain (and so presumably other Betamax brands) has a mobile-friendly site
at:
https://www.voipgain.com/mobile/

which works quite nicely from a phone. It looks fairly simple - does it
work in lynx?

Theo

Theo Markettos wrote:

>
> What do you need to do with the text only browser? For example, I imagine
> paying for anything will require the 3DSecure dance, and thus will need the
> support of <iframes>, redirects, etc.

Lynx can cope with iframes. It can cope with proper redirects, and even
with the type explicitly discouraged in the HTML 4 specification.

However, iframes are bad practice for 3D Secure (although not as bad as
the once common practice of going fully man in the middle). With
iframes it is much more difficult to verify that you really are talking
to the bank's agent. The challenge phrase is of no security value.

I would hope that more and more UK companies will start to do what is
already standard practice on the continent (Germany at least), and
accept push payments into their bank accounts.

Meanwhile, at the uk.telecom.voip Job Justification Hearings, David Woolley
chose the tried and tested strategy of:

> However, iframes are bad practice for 3D Secure (although not as bad as
> the once common practice of going fully man in the middle). With
> iframes it is much more difficult to verify that you really are talking
> to the bank's agent. The challenge phrase is of no security value.

My work credit card prompts for a password when I use it online. I use it
rarely enough online to never be able to remember it, but the people behind
this great bit of security have been thoughtful enough to provide a 'reset
password' link on the page where you're prompted to enter the password. And
after clicking this link, how do they verify that you're entitled to reset
the password? By entering a few key details pertaining the card...that would
have been entered on the merchant's page in order to place an order anyway!
Not only does this offer no additional security whatsoever, it in fact
reduces security, because you've just doubled[1] the likelihood of these
critical details being intercepted.

--
<http://ale.cx/> (AIM:troffasky) (UnSoEsNpEaTm@ale.cx)
09:48:27 up 1 day, 11:44, 8 users, load average: 0.01, 0.07, 0.15
"I am utterly appalled at how I have been treated like a criminal"
-- Andrew Crossley, ACS:Law, 13 August 2010

[1] I am not a mathematician

alexd <troffasky@hotmail.com> wrote:
> My work credit card prompts for a password when I use it online. I use it
> rarely enough online to never be able to remember it, but the people behind
> this great bit of security have been thoughtful enough to provide a 'reset
> password' link [...]

Presumably these are the same people that thought it was a great idea to
allow the 3DSecure window to be embedded in the merchant's payment page,
thus making it close to impossible for most people to determine whether
it's a real 3DSecure page or not. (At least some of the payment handlers
are now allowing users to customise the page so you have a fighting
chance to see that it's the one you expect. If you remember to check,
that is.)

Chris

Chris Davies wrote:

>
> Presumably these are the same people that thought it was a great idea to
> allow the 3DSecure window to be embedded in the merchant's payment page,

That was my point about iframes. I also pointed out that, at one time,
and maybe still, they went one worse and made it totally impossible to
verify by going man in the middle and actually embedding the 3D secure
"frame" in their HTML source code (not as any Xframe element.

> thus making it close to impossible for most people to determine whether
> it's a real 3DSecure page or not. (At least some of the payment handlers
> are now allowing users to customise the page so you have a fighting
> chance to see that it's the one you expect. If you remember to check,
> that is.)

David Woolley <david@ex.djwhome.demon.invalid> wrote:
> That was my point about iframes. I also pointed out that, at one time,
> and maybe still, they went one worse and made it totally impossible to
> verify by going man in the middle and actually embedding the 3D secure
> "frame" in their HTML source code (not as any Xframe element.

Yep. Some merchants do use this technique. I tried to raise this to
my credit card company but once I managed to get past the "dumb user"
layer they said it was nothing to do with them.

Chris

Andy Burns <usenet.aug2009@adslpipe.co.uk> wrote:
> tinnews@isbd.co.uk wrote:
> > I'm trying to set up a VOIP account from my boat in Belgium (though I
> > am a UK resident). I want a UK number and thus need to login from my
> > UK computer (which I can access via SSH) using a text mode browser
> > such as lynx or w3m. At the moment I can't find a supplier who will
> > play ball properly.
> >
> > I've tried SIPdiscount and Sipgate but neither works properly with a
> > text mode browser.
>
> I know you're asking for other supplier to try with lynx or whatever,
> but why not create an SSH tunnel for port 80 (and/or 443) from your UK
> PC to whatever site you wish, then point your web browser at your boar
> PC's local IP address ...
>
Well I could do that (I've done it before for similar reasons) but I
was hoping for the simpler solution of using lynx or whatever.

--
Chris Green

Theo Markettos <theom+news@chiark.greenend.org.uk> wrote:
> tinnews@isbd.co.uk wrote:
> > I'm trying to set up a VOIP account from my boat in Belgium (though I
> > am a UK resident). I want a UK number and thus need to login from my
> > UK computer (which I can access via SSH) using a text mode browser
> > such as lynx or w3m. At the moment I can't find a supplier who will
> > play ball properly.
>
> What do you need to do with the text only browser? For example, I imagine
> paying for anything will require the 3DSecure dance, and thus will need the
> support of <iframes>, redirects, etc.
>
Just the 'ask for a phone number' bit, that's all.


> > I've tried SIPdiscount and Sipgate but neither works properly with a
> > text mode browser.
>
> Voipgain (and so presumably other Betamax brands) has a mobile-friendly site
> at:
> https://www.voipgain.com/mobile/
>
> which works quite nicely from a phone. It looks fairly simple - does it
> work in lynx?
>
I'll try it thanks.

--
Chris Green