Both ChanSpy and MFA were brought up. However, this is all apples and oranges and really doesn’t do much.
We weren’t talking about PBXact, however, it wouldn’t be an add-on cost. PBXact is a fully commercial version of FreePBX with all commercial modules fully licensed.
This was about FreePBX which is the OSS version that can have commercial add-ons.
are you really that shallow? it was one of a couple key reasons, it was however the one that tipped the scales. the second and the big one was the fact that code submissions to fpbx are declined if it impedes on fpbx future “feature plans” let alone whats in commercial modules that do the same thing. this is the dangers of an OSS being controlled by a company who makes money selling modules to do things, they will never accept or allow anything that competes with their money making ideas, yes, ideas that are not even coded yet.
2 Likes
many years ago a system that was setup by some third party did not disable it ( chan spy was enabled by default up until fpbx 16 - yes sixteen) I was called in when that companies management got suspicious noticing how some staff were acting on phones, they set a trap about someone to be fired and another to be promoted over others, their trap worked given the attitudes of said people, seems the company had some tech savvy staff and knew about 555 and I found several of them were listening in on managers calls, quite a lot by logs, so yes it was being abused, and the three firings that then occurred were in no way a fake trap.
I’ve personally stayed in a lot of hotels, when you discover its an asterisk system, my curiosity prompts me to test 555, of all the fpbx systems (not that many since most of them use avaya nec mitel etc) every one of them offered me calls to listen in on, I informed the managers of each immediately and told them how to disable it, I also have a conscience so never charged any of them for it, since its a 15s job to disable the damn thing.
2 Likes
That introduces point (0), which is how many 10 user systems have anyone who uses it legitimately.
(I may have misunderstood, but I thought one of the key reasons people were asking for MFA was to control the the use of chan_spy. That is why I was making a connection.)
Let’s be specific about which North Americans are good people. Because right now, Canada are bad evil guys lol
1 Like
This is a FreePBX forum so I’m kinda hesitant but I will go ahead to mention an Asterisk based brand and your opinions about it. I’m especially interested in your take given your veteran status in VoIP consulting. iVozprovider. Heard about it? Any takes (hot or otherwise)?
I think this conversation has gone off the rails, but I would like to point out that Canada is in North America… That said, if something needs to be split off a post, perhaps this whole conversation perhaps it can get back up on the rails
4 Likes
Well, in the good old days people just provided workarounds, patches and fixes…some still do it
e.g.
https://usecallmanager.nz/documentation-overview.html
So this is no excuse!
you certainly misunderstood, the two issues are two completely separate failures of Sangoma
1 Like
but but Canada is the US’s 51st state lololol
on related news I heard Alaska and Hawaii are pleading to be annexed away from US 
I’m not going to bother retyping my long and eloquent response from a few days ago. But I will say that having the forums down for hours and then restoring from a 4 day old backup with absolutely no comment or explanation probably isn’t going to reassure anyone of anything.
6 Likes
Looks like wires got crossed about the same time as this post explaining in more detail what happened during the recent forum upgrades and, yes, we are working over the weekend to help restore the posts from March 18 and March 19.
Thank you for the eloquent response!
Haven’t stopped by in months, glad to see the community has maintained its commitment to drama. 
That’s an easy commitment to make. A commitment to open source software by a corporation, however, is harder and has to be more than lip service. Most importantly it has to include meaningful financial and logistical support to in-house developers. Otherwise, all it’s “committing” to is gatekeeping access to the project.
There should be a minimal standard of code and project management that dictates well-documented code with a consistent style, helpful explanations of changes to that code, and testing before allowing a change into the codebase. The fact that this doesn’t happen with FreePBX means that Sangoma either isn’t willing to pay for the best people, and/or isn’t willing to properly support and manage them once they’re in place.
Taking the the most recent commits to the framework module as an example: 18 February, a PR is opened at 2AM Pacific time. No description or explanation for the changes is given in the PR, though the title suggests some kind of connection to an issue. The author’s profile has no identifying details but their commit history shows 3 years of activity on mostly FreePBX repos, so maybe they’re affiliated with Sangoma somehow? Less than an hour later, the PR is merged, without comment or explanation. Then, 15 minutes later, the change is reverted: again with no explanation given.
Maybe there was some internal communication around this; we – the open source community – don’t know. All we see is chaos: some random dev wiping out a public method from a core framework class for no reason is okayed by Sangoma, followed by a hasty undo. This time the (presumed) mistake was caught early before going out into release. Many times it isn’t. This is just one example, and sure: I was looking for something to criticize. But I was expecting to have to scroll through a little more than (checking notes, counting on fingers) zero commits to find it. Coders all make mistakes, but industry best practices are made to prevent us from showing those mistakes in public.
Walk the walk, put your money where your mouth is, etc, etc. If you have a commitment to open source, you must have a commitment to your developers and good development practices.
(lost post from 2025-03-19 16:46:15 restored by mod on 2025-03-22 and requested review by @miken32)
3 Likes
^^^^ That.
This behavior/process is resulting in code that we do not believe is of an acceptable standard to use in a business environment. I have, multiple times, requested that the testing procedure be shared and that code quality be improved.
We’re still experiencing issue with certificate updates, the SangomaConnect module, and more. To the point that we’ve started recording all updates installed on all the systems we support so we can try to rollback if needed.
3 Likes
Is this on Switchvox, or with one of the paid support offerings from Sangoma for FreePBX or on the free best-effort support tickets for FreePBX?
Yeah it’s wild. I ran into a sangomaconnect bug the other day. I don’t use it, it’s not licensed it was just installed as part of the normal install and it broke things ¯\_(ツ)_/¯
3 Likes
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.