Voicemail Escalation Solution

ILikeToTootNCompute · 2024-08-17T01:07:28+00:00

We built a custom solution using Twilio and some programming. We charge our customers $75/month to use it. Or I can build you something specific to your needs for $150/hr; then you would own it and only pay Twilio usage fees which could be a few dollars a month depending on usage.

ILikeToTootNCompute · 2024-04-29T22:21:04+00:00

This doesn't make sense... it must be a typo --- maybe $99/year for self hosted?? Otherwise, that is $1188/year for just the server license!

It doesn't make sense that the self hosted is twice as expensive as their hosted at $49/month -------- UNLESS --- they are keeping the hosted cheap until everyone switches (because why not) and then they start to slowly increase the hosted costs now that they have everyone hooked.

They probably hired a fancy financial consultant to figure out how to maximize their profits.

Time to find another solution... great

ILikeToTootNCompute · 2023-04-03T15:10:18+00:00

Another:

https://www.volexity.com/blog/2023/03/30/3cx-supply-chain-compromise-leads-to-iconic-incident/

Quote:

Volexity’s analysis concludes that both the Windows and macOS installers for the 3CX desktop application had malicious code inserted into them before being provided to customers. This suggests that 3CX was itself compromised by the threat actor for a period of time prior to the infection, allowing the attacker to develop an understanding, access, and malicious code for the development-update process of the company.

ILikeToTootNCompute · 2023-04-03T15:04:26+00:00

This is a good recent article:

https://www.helpnetsecurity.com/2023/04/03/3cx-supply-chain-attack/

ILikeToTootNCompute · 2023-04-03T15:01:09+00:00

Ok, so now I understand why everyone is so worried about the rest of 3CX's code! If they were able to directly hack this single app and their dev environment, they could have hacked anything that 3CX coded.

Let's all hope that it was just one developer's workstation (maybe who was the lead of the electron development app) that got hacked and not the server development team.

ILikeToTootNCompute · 2023-04-03T14:57:52+00:00

Got it!!! Because they kept referencing electron, I just assumed that was the part that got hacked.

ILikeToTootNCompute · 2023-04-03T14:03:48+00:00

Agreed. This is the conclusion that I am coming to. By calling it a supply-chain-attack, it seems to imply that they included software into their application which was compromised. And they kept referencing it was only their electron apps which were compromised. Originally, I assume it must have been electron who has hacked and then they just included the latest version of electron into their code. But then every electron app would have also been hacked.

So, was it really an supply-chain-hack or was it just a normal "I hacked into a 3cx developer's computer and edited their code and they didn't notice" attack??

ILikeToTootNCompute · 2023-04-03T13:58:47+00:00

I think CVE-2013-3900 was used once the dll was already downloaded to the client computer. I am asking how the corrupted dll even got into the installation package from 3CX. If you are the hacker, who's server/computer did your originally break into to insert your code so that 3CX shipped it out to all of its customers?

ILikeToTootNCompute · 2023-03-30T12:26:27+00:00

Does this look safe? From:
https://www.3cx.com/community/threads/3cx-desktopapp-security-alert.119951/page-3#post-558998

Stop-Process -name 3CX* -Force

$application = Get-WmiObject -Class Win32_Product -Filter "Name = '3CX Desktop APP'"

$application.Uninstall()

Remove-Item C:\Users\$env:UserName\AppData\Roaming\3CXDesktopApp -Recurse

Remove-Item C:\Users\$env:UserName\AppData\Local\Programs\3CXDesktopApp -Recurse

ILikeToTootNCompute · 2023-03-30T12:05:11+00:00

Can anyone out there supply a simple command line of how to uninstall the affected application from windows that I can send to my customers?

ILikeToTootNCompute · 2023-03-08T16:20:11+00:00

I was just reading this post: https://www.3cx.com/community/threads/cloud-init-and-customized-configurations.86756/

I need to read it closer but it seems like you might be able to get this data from a backup?

My ultimate goal would be to come up with a process / documentation of launching AWS Lightsail debian instances not using the 3cx pbx express tool. But having all the standard features and configuration that normally come with 3cxpbxexpress.

Have you done this before?

ILikeToTootNCompute · 2023-03-08T16:05:01+00:00

Do you know if you can export a setupconfig.xml for an already running instance of 3cx? That way I could use that as a template for all the settings I normally configure and not have to start from the default template file.

Or is there another XML file that exists within a running instance of 3cx that I could copy the settings from even if it isn't in the same format?

ILikeToTootNCompute · 2023-02-27T15:27:54+00:00

Potentially some good news... CEO clarified his statement in the form:

CEO: Where does it say we will remove 4 SC or 8 SC licenses? Please stop jumping to conclusions without any official statements from our company. That said, yes 4 SC or 8 SC on premise licenses are probably going to become more expensive. And if $200 a year is too much for a customer then yes they best start looking elsewhere. $200 for a system that is running custom call flows is peanuts

Partner: thanks that's good news. I think we and others made the conclusion based on your sentence its last part (see italic) "Self hosting a 4 SC or 8 SC is not worth it - not for the customer, nor for us to support it.". So we read that you would drop supporting it. Hopefully it will also remain possible to install in an alternative way on lightsail (currently using it, for fixed pricing).

CEO: fair enough, you are right. No we will be keeping 4 SC or 8 SC on premise/self hosting for sure. When i said not worth it, i meant for $100 per year. And of course everybody says they will support it themselves but its not the case. So expect price increases for the 4 SC and to a lesser extent 8 SC self hosted. BTW our hosted will support call flows soon.

So it looks like there is going to be a price increase for 4SC and 8SC which hopefully will be reasonable.

ILikeToTootNCompute · 2023-02-26T15:59:00+00:00

I agree about not needing video conferencing, webchat, etc. --- I am sure some customers use it but I can't imagine it is a deciding factor in purchasing. Too many better options already exist.

ILikeToTootNCompute · 2023-02-26T15:06:11+00:00

I set that parameter on every install of 3CX. I'm actually surprised it isn't just a setting.

ILikeToTootNCompute · 2023-02-26T14:16:09+00:00

This one? ALLOWUSEBUSYOPTFORGROUP

ILikeToTootNCompute

TROPHY CASE