Vulnerability of Telco Switching Equipment
call -151 writes: "Interesting New York Times article about the Sept 11th attacks' effect
on the Verizon switches in lower Manhattan. Turns out there
was a problem in that much of the network switching was in one
building and it has taken a while to restore service. Sounds like there
is lots of pondering about the vulnerability of the network,
even when it is distributed across many physical locations.
Of course the attacks are making lots of people rethink their
vulnerabilities, but the estimate is for five years' work before there
could be redundant paths for the lines into their switches in
the one building, with no plans to spend the money to do it.
Maybe someone should send them a few hundred thousand 'self-install'
kits like they do with their DSL service ..."
This makes perfect sense: the Internet did well because it relies on smart endpoints (computers) and unintelligent routes. The best routing, then, is equal speed routes from and to every endpoint and we see something approaching this with multiple routes connecting small groups of hosts.
The phone company relies on dumb endpoints (phones) and a smart system in the middle. The best (simple) routing solution would be every phone connected by a line to a central switching station. In an urban area, this is exactly what we see - one or two central switching stations or points of failure.
This really shouldn't be any surprise at all.
As a side note, this is also why growth and development has been much faster than on the phone - to change the phone system you have to change one place - but no one will let you, because you might break it for every other customer. On the Internet I can tinker with one or two machines and everyone else is unaffected.
I don't suppose anyone else remembers the infamous fire in a Bell Canada phone exchange in Toronto. This fire knocked out phones in much of the city for a couple of days as the crews scrambled to fix things. It was interesting trying to do business....
In my company's case, we still had working Internet via ISDN, so we were still able to go about our business. Some cell phones weren't working, however.
You can accomplish anything you set your mind to. The impossible just takes a little longer.
As long as you have lots of wire going back to an endpoint, the endpoint is vulnerable. Most CATV systems have the same weakness, too. About the only thing that isn't as vulnerable to a single point of attack is the power grid at the plant level, and that's because of grid interconnection (there were some interesting power grid-related articles in IEEE Spectrum a few months back). But at the local level, a few substations feed large portions of a city - in my city of 40,000 or so a single squirrel took out a large portion of the town earlier this year. And we have our own generating station here, too.
In any tree-shaped network taking out the trunk takes down all the branches. Verizon is just doing what makes (in the pre-9/11 world) good economic sense in not having full redundancy, with multiple paths. What you might see someday in the not-too-distant future is a few areas (like Wall Street) get second switching stations further uptown, but really the best solution for a business that really never thought about the phone network is a dish pointed to a CLEC that isn't in the same CO as the primary circuits from the ILEC.
If Winstar had remained viable they might well be seeing a big demand spike hit about now as corporate DR people realize their potential weakness.
-- Josh Turiel
"2. Do not eat iPod Shuffle."
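The single-point-of-failure argument made in the comments above, as an added example that is not part of the original thread: it measures what fraction of endpoint pairs can still reach each other after the worst single-node loss in a central-office star, a dual-homed layout with a second switching station, and a ring with two routes per host. All node names and topologies are constructed assumptions.

```python
from collections import deque
from itertools import combinations

def build(edges):
    """Undirected adjacency map from (a, b) link pairs."""
    graph = {}
    for a, b in edges:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    return graph

def reachable(graph, start, removed):
    """Nodes reachable from start while `removed` is out of service (BFS)."""
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in graph[queue.popleft()]:
            if nxt != removed and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def surviving_pairs(graph, endpoints, removed):
    """Fraction of surviving endpoint pairs that can still reach each other."""
    alive = [e for e in endpoints if e != removed]
    pairs = list(combinations(alive, 2))
    ok = sum(1 for a, b in pairs if b in reachable(graph, a, removed))
    return ok / len(pairs) if pairs else 0.0

def worst_single_failure(graph, endpoints):
    """(node, surviving fraction) for the most damaging single-node loss."""
    results = [(n, surviving_pairs(graph, endpoints, n)) for n in sorted(graph)]
    return min(results, key=lambda r: r[1])

# Constructed topologies (all names are illustrative assumptions).
PHONES = [f"p{i}" for i in range(1, 7)]
HOSTS = [f"h{i}" for i in range(1, 7)]
STAR = build([("CO", p) for p in PHONES])                 # one central office
DUAL = build([(co, p) for co in ("CO1", "CO2") for p in PHONES])  # second office
RING = build([(HOSTS[i], HOSTS[(i + 1) % 6]) for i in range(6)])  # two routes each

if __name__ == "__main__":
    for name, g, ends in (("star", STAR, PHONES), ("dual-homed", DUAL, PHONES),
                          ("ring", RING, HOSTS)):
        print(name, worst_single_failure(g, ends))
```

The same functions can be pointed at an inventory of real circuits and facilities to list which single building or switch would isolate the most endpoints.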