Slashdot Mirror


Telco Networks Open to Attack?

Cally writes: "This post to NANOG summarises Dave Henderson's paper (.ppt: HTML in Google cache, grep for 'Now Really Public') from the Internetwork Interoperability Test Coordination Committee, about the state of security in the public switched (telephone) network: wide open and "very fragile with a tremendous number of vulnerabilities". Apparently, there's $12b in fraud per year, growing interest from blackhat groups, and more, better, intruder tools. We often hear talk of "information warfare attacks that could result in the draining of bank reserves and the cutting off of power sources" from budget-and-PR hungry, but clue-light, politicians and wonks these days. When an experienced engineer uses such language, it's more worrying." We've also had submissions of this AP article speculating about viruses hitting mobile phones.

118 comments

  1. H-1B Security Threat by Anonymous Coward · · Score: 0

    Most of the H1B guys I work with seem pretty harmless but in the current security environment it is not surprising to see the following:

    2/27/2002
    H-1B Scabs are a National Security Threat

    Steve Tisza, President of the Communications Workers of America (CWA) Local 4250, wrote a letter titled "Threat to Nation's Communications Infrastructure" to the National Security Telecommunications Advisory Council (NSTAC). The letter describes how Indian H-1Bs were trained in order to replace about 165 CWA workers. The CWA workers were fired by AT&T on December 14, 2001. AT&T employee relations said that these H-1Bs are a "contingency plan" that will be used by AT&T in the event of a strike by the CWA on May 11, 2002. In other words, the H-1Bs are to be used as scabs in case CWA decides to strike.

    These H-1Bs now have access to AT&T's network via all nationwide 4E and 5E switches. Access is needed to provide AT&T's large and small business customers services such as inbound and outbound 800 lines, ISDN and T1 pipes. AT&T's behavior is a security threat because they are allowing foreign nationals to have access to our nation's communications infrastructure.

    The question Tisza asked NSTAC is, "Why should AT&T be allowed to continue with this un-American contingency plan?" NSTAC swept this question under the rug saying that they forwarded the letter to "appropriate Federal Agencies". More information can be read at the CWA website.

    1. Re:H-1B Security Threat by rollendjames · · Score: 1

      Yea I would not be surprised of what a threat h1b's are, I see them write articles in 2600 all of the time. In fact I would even debate that 25-30% of the 2600 articles are from jaded workers. It seems to me that we are going to revert to the days of the early eighties, anyone remember those times? I do! When the LOD and MOD started spidering the phone companies and taking them out systematically. Anyone remember the entire east coast phone system being taken out? I do! If we are to return to the days of Mark "Phiber Optik" Abene then I am all for it! I need some entertainment in my boring days.

  2. CWA up-plays the situation for their own interest by BlueUnderwear · · Score: 2
    Of course, CWA doesn't like these new H1B workers, because their presence would endanger the success of their May 11th strike. Just as intended by AT&T, by the way.

    The security argument is just a gimmick to win other people over to their side. But their real motive for this racist missive is their planned strike.

    --
    Say no to software patents.
  3. how do you think the majors DOS are done unseen ? by da5idnetlimit.com · · Score: 1, Troll

    Simple: you infiltrate a phone router, that links you to a global communication grid, that allows you access to a few T1 that can be used to synchronously send 'Charge Test' packets to any IP that you define. At the same time, this operation is controlled by a call issuing from a poor company's ISDN phone system that you hacked through within 7".

    It's a shame this company is calling 500 meters from its location, but will have a phone bill showing relays in almost every old Alcatel customers. I mean the Chinese phone system is not porous. It's dead open...

    Don't try in Manhattan but in remote USA the old cheese boxes still work if you want to hack into ATT long distance...

    Heterogeneous system with a LOT of Legacy Code / Hardware...

    a dream...

    --
    It takes 40+ muscles to frown, but only four to extend your arm and bitchslap the motherfucker
  4. Scarier thought by digitalunity · · Score: 3

    Did you all know that all power transactions on public power systems travel over the internet? Wanna hear something a little better? The backup plan in case of internet breakage is by E-Mail and then finally defaulting to the old fax machine. With the increasing complexity of transactions, increasing dependence on automation of power delivery, and an upcoming rollout of the ETag 1.7 transaction upgrade in April, who's to say the light switches will work in the future?

    In light of this article and the probability that the public phone system is very susceptible to a terrorist or otherwise dangerous attack, shouldn't there be a dedicated messaging medium for the power grid? Say, Satellite or Microwave? I realize how daunting a project would be, as well as how cost prohibitive, but look at it this way: A foreign or national threat doesn't attack the power generation facilities, instead, they DDoS a server responsible for scheduling the power delivery. Thus preventing or decreasing the reliability of this power grid. Statewide or even interstate power blackouts are just one of a million effects of such an attack.

    I'm not proclaiming a doomsday here, but with the current plight of Enron, shouldn't there be a little more scrutiny?

    Related links:
    FERC - Federal Energy Regulatory Commission

    NERC - North American Electric Reliability Council

    --
    You can't legislate goodness. Let each to his own destiny, by will of his freely made choices.
    1. Re:Scarier thought by Anonymous Coward · · Score: 1, Funny

      -1, uses terrorism as an argument

    2. Re:Scarier thought by sphealey · · Score: 2
      Did you all know that all power transactions on public power systems travel over the internet?
      Baloney. Electric power providers have had extensive backup, communication, and disaster recovery plans in place since the 1880's. The plant where I used to work had contingency plans for everything from a Bell System outage (we would revert to our own internal, hardwired phone network and our internally-owned microwave system) to complete loss of communication with the outside world (we would work with the local dispatcher to isolate our area and restart the unit in "island mode" - same way they did it in the 1920's).

      While some power sale transactions no doubt go over the Internet, I doubt very very much that any mission-critical dispatch information is being transmitted that way. For obvious reasons.

      sPh

    3. Re:Scarier thought by Anonymous Coward · · Score: 0
      Actually, the utility I work for has no idea about network security. Mission critical data is sent over the internet every single day. None of it is encrypted. There is no disaster recovery site. In the event of blackout (which actually happens here), there isn't enough UPS and generation to hold up the computers that send bills and trade power with other utilities. Physical security is also a joke here. Getting past security is as easy as looking like you know where you're going. The power trading software that was mentioned runs on Windows NT 4.0. Think about it. The multi-million dollar deals being made hourly by many utilities keeps its data unencrypted on NT connected to the internet.

      I believe the original post (person who said all power transactions on public power systems travel over the internet) to be a pretty accurate representation of the way things at many utilities really are. The truth is, the phone network is probably a little better off than the electric network.

    4. Re:Scarier thought by digitalunity · · Score: 2

      Listen to me. You don't know shit. By federal law, all Control Areas for power grids are legally required to be accessible on the internet. Browse the FERC site.

      In fact, both on the CISO and EISO, ALL power transactions are coordinated through the internet by way of the ETag 1.67 or ETag 1.7 messaging, along with the OASIS power reservation system. This includes mission critical power delivery systems. With the increasing load and complexity of loading systems, manual operation is very tedious and a little fragile because human errors are so prone.

      You need to do a little research if you don't think we aren't vulnerable.

      --
      You can't legislate goodness. Let each to his own destiny, by will of his freely made choices.
  5. Just occasionally the policy wonks are right. by Performer+Guy · · Score: 3

    The policy wonks when they get it right manage to tune into the right people. They don't always make it up as they go along, so there's no need to be so contemptuous. Alarm bells like this have been sounding for ages and some of the right people have clearly been listening. Despite this, the /. story dismisses their opinions with casual contempt. They deserve more credit than that for their efforts in the vanguard.

  6. SS7's oversimplified security by npendleton · · Score: 2, Insightful

    With poorly implemented user rights and security. Users have the right to be billed, and administrators have the rights to change anything, and there is (almost) nothing in between.

    Any LAN administrator oversees a more balanced approach, e.g., preventing most users with rights to clear the print queue, from deleting all printer software, or deleting anything else. Until SS7's security is better implemented, abuse will be rampant.

    -Nathaniel

    1. Re:SS7's oversimplified security by DJPenguin · · Score: 1

      I don't think security was ever a concern when SS7 was implemented - after all, the end user never gets to see SS7, there will always be an access protocol like DASS2 (for ISDN) between the user and SS7.

      At the end of the day, we have to trust the network ops that have access, in the same way we would trust banks etc.

      James

  7. Time to start worrying... by Anaxagor · · Score: 3, Funny

    "When an experienced engineer uses such language, it's more worrying".

    Yep, sure is... those engineering degrees ain't what they used to be...

    1. Re:Time to start worrying... by Fissure_FS2 · · Score: 2, Insightful
      "When an experienced engineer uses such language, it's more worrying"
      Am I the only one who thought "they're using Visual Basic" when I saw that quote?
      --
      My life's goal is to get a score of +3!
  8. Speculating about viruses hitting mobile phones. by trentfoley · · Score: 1

    Maybe the reason there have been so many submissions about mobile security and viruses hitting phones is this article on the same cnn.com Sci-Tech page as the one posted. Hopefully, people are trying to head off some of the grief that our European and Asian neighbors have had to deal with.

  9. Disintegration of the Bell System by Detritus · · Score: 3, Insightful

    This appears to be just another indication that the formerly monolithic telecommunications system in the USA is continuing its slow collapse into anarchy. The system has been jettisoning its research, engineering and operations expertise for decades. The former Bell companies are following the example of American rail and steel companies, milk the system for cash and let the infrastructure rot in place.

    --
    Mea navis aericumbens anguillis abundat
    1. Re:Disintegration of the Bell System by LegendLength · · Score: 1

      Funny, same thing is happening in Australia.

    2. Re:Disintegration of the Bell System by Anonymous Coward · · Score: 0

      Funny, same thing in the UK...

      Fnord!

    3. Re:Disintegration of the Bell System by Libor+Vanek · · Score: 1

      Not only Australia - the same in the Czech Republic and IMHO all around the world :(

    4. Re:Disintegration of the Bell System by icelandic · · Score: 1

      "The former Bell companies are following the example of American rail and steel companies, milk the system for cash and let the infrastructure rot in place"

      I'm afraid this analogy is rather inaccurate for several reasons. Contrary to traditional blue-collar rhetoric, neither the rail empires nor the steel magnates voluntarily let their infrastructure crumble in order to maximize their profits.

      The construction of America's interstate system in the 1940's and 50's brought with it an explosion in cheaper (relative to rail) freight service via large trucks. This major blow to the railroad's traditional revenue streams, long-distance freight service, precipitated an almost complete collapse of most publicly owned rail systems in less than a decade. (read::Conrail)

      As for steel, the late 1970's and early 80's trend towards increased unionization made it more economically rational for firms to buy raw steel imported from South America and Southern Asia where reduced labor costs brought the total costs to less than 1/5 of the domestically produced alternative. Perhaps if more capital was invested in automation (read::South Asia), the decline of American steel could have been averted.

      The demise of both examples is a result of obsolescence brought about by technological change. The telcos are probably immune to any similar paradigm shift as they will own exclusive rights to whatever technology replaces the current telecommunications infrastructure (this includes wireless since the telcos have invested ungodly sums of money to "rent" most of the useful UHF and microwave spectrums).

  10. If the 'phones did go down... by SomethingOrOther · · Score: 3, Interesting

    Maybe slightly off topic... but I do recall reading that upon Alexander Graham Bell's death, all the telephone networks went silent for a period of 1min (?) as a mark of respect.

    If that happened today the world would panic
    Would stock markets crash and water/rail etc networks go tits-up because of a major 1min phone outage?

    We don't realise how dependent we are on the telephone!
    (Also... try substituting telephones for oil in the above post :-)

    --
    Anyone quoted by a reporter knows how little they understand
    Don't believe what you read is the truth.
    1. Re:If the 'phones did go down... by Lumpy · · Score: 2

      The only things that will explode, implode and everyone flings themselves out of the window when the phone system fails are those companies that are so poorly run that all it takes is a small event like a phone interruption to blow them up.

      A real company with a real emergency contingency plan will see it as a minor inconvenience. Internet will probably still operate (especially with Cable modems in areas where they switched to a fiber infrastructure that is outside the telco control.)

      Plus no one can do something and take down ALL telcos. not possible no way. Yes you can crash all of mci and ATT but you won't crash the allendale telephone company, or GTE local services.

      --
      Do not look at laser with remaining good eye.
    2. Re:If the 'phones did go down... by hyyx · · Score: 0, Flamebait

      (Also... try substituting telephones for oil in the above post :-)

      I hate to nitpick, but I can't help myself... I can't "substitute" telephones for oil in your post because you didn't mention oil anywhere. I think you meant to say "substitute oil for telephones"; that makes sense now.

    3. Re:If the 'phones did go down... by sphealey · · Score: 2
      If that happened today the world would panic
      Um, why, exactly? Do you never have thunderstorms where you live? Never any downed tree limbs taking out wires? Does the ATM nearest your house never break or run out of cash?

      In fact, about 4 years ago Quebec experienced the worst ice storm ever recorded in North America. Electricity and phone service were cut off in some urban areas for up to six weeks. No panic or mass disorder that I am aware of; just a lot of people working very hard to get things cleaned up and running again.

      The only people who would "panic" over a 1 minute phone outage are those already in line for a Darwin Award.

      sPh

    4. Re:If the 'phones did go down... by Kool_Cat · · Score: 1

      Would stock markets crash and water/rail etc networks go tits-up because of a major 1min phone outage?

      We don't realise how dependent we are on the telephone!


      We're not that dependent, all of us have lasted much longer than a minute without talking to anybody (days, months, years?)

      Now if the telephone system suddenly stopped then that's another story, until we get broadband to everybody then not many will have access to the internet in a time of crisis such as the telephone and television lines being severed

      We'll always have radio I suppose...

  11. Another link for the source document by pauldy · · Score: 2, Informative

    http://www.atis.org/pub/iitc/ntc/ntc24.doc

    This seems to contain the same information in what I found was a tad easier to read although it is in word format so it may not be for everyone.

    1. Re:Another link for the source document by Cyberdyne · · Score: 1
      http://www.atis.org/pub/iitc/ntc/ntc24.doc

      This seems to contain the same information in what I found was a tad easier to read although it is in word format so it may not be for everyone.

      Here it is in proper HTML :-)

      http://dax.joh.cam.ac.uk/~james/ntc24.html

      (yes, I turned it into Microsoft's attempt at HTML in Word - then fixed it with Tidy and Emacs :P) It does look rather better than the one linked in the article, though...

  12. Re:Speculating about viruses hitting mobile phones by trentfoley · · Score: 2, Informative

    The article url is http://www.cnn.com/2002/TECH/03/08/cebit.preview/index.html. I don't know what happened to the html in my first post. No, I did not mean "first post"!

  13. Re:Speculating about viruses hitting mobile phones by Memetic · · Score: 1
    >Hopefully, people are trying to head off some of
    >the grief that our European and Asian neighbors
    >have had to deal with.


    Er what grief?

    As far as I know not a single mobile virus has struck.

    There was a virus (Spanish?) which infiltrated email systems (Outlook) and sent email to a SMS gateway (email to text message gateway) and hence caused spam messages to appear on phones, but no phone to phone transmission. (.NET on my phone...no thanks.)

    Oh and we have one mobile system we can use across our whole continent and several others!

    I think that is the sort of "grief" you need in the USA.

  14. Analysis links for those viruses on cellphones. by Memetic · · Score: 1

    As I said, NOT mobile phone viri, just the same old email worm stuff that happens to spam mobiles:

    VBS/Timo-A

    VBS/San-A

  15. it's true by ziggy_zero · · Score: 1

    I remember hearing somewhere that someone could bring down ALL over-Atlantic phone connections by finding the IP address of AT&T's router and shutting it down via DoS.

    --
    I belong to the ______ generation.
    1. Re:it's true by tomstdenis · · Score: 1

      Yeah that's because VoIP networks are accessible to the common internet right?

      Just because something has an IP doesn't mean it's on what most people know as the www.

      I mean come on, anyone with a LAN knows this. My IP is 192.168.0.2 but you cannot see that from where you sit.

      Anyways, I'd like to think there is more than one transatlantic carrier.

      Tom

      --
      Someday, I'll have a real sig.
    2. Re:it's true by Anonymous Coward · · Score: 0

      Uhm, ever heard of point-to-point? You need IP address why? Cables only connect two points. So traffic is routed very simply between the two points, no IP required at all.

    3. Re:it's true by Anonymous Coward · · Score: 0

      Not SS7, it's not managed via internet accessible routers.

  16. Re:Speculating about viruses hitting mobile phones by trentfoley · · Score: 1
    The posted article states, "Similar nasty hijinks have already dogged cell phone owners in Japan and Europe." It goes on to give more detail, of course. Granted, it does say that there has been no phone to phone propagation of code, but I don't think that is such a huge leap of thinking to make.

    And, yes, we have one mobile phone system, one landline phone system, one operating system, and one office suite. I think that is the sort of "grief" we have in the USA.

  17. It's only gonna get worse by ChrisPaget · · Score: 3, Interesting

    3rd generation mobile phone networks are only just around the corner (relatively speaking); these networks use IPv6 as the transport for the call data. Billing is likely to be based on your source IP address, so if you can spoof someone's address (and probably circumvent a whole load of encryption and authentication) you can probably end up with free phone calls. Voice and data traffic will be going down the same backbone, with intelligent switches that decide what traffic is Internet data and what traffic is voice data. SkRiPt KiDdIeS will have easy access to all the 3G networks the moment they dial up to the internet. I don't know about you lot, but this idea scares the hell outta me given the current state of worldwide network security. I don't know how many IP-based attacks have been solved with IPv6, but I know it's gonna get messy sooner or later.

    For those that are interested, there's various IPv4-IPv6 tunnels around that are open for use. If you have a dual-stack machine (Linux can, and there's a MS IPv6 stack available for 'doze) you can set up a VPN into various IPv6 networks. Can't remember the URL, but I know there's one from BT. If people start using / attacking these networks now, then perhaps the problems will be fixed before IPv6 and 3G become mainstream...

    1. Re:It's only gonna get worse by ChrisPaget · · Score: 1

      The link for BT's IPv6 trial network is here. Click on "BT Trials" and then the link for "BT's IPv6 ISP Trial" (in the page), and you get all the details you need.

    2. Re:It's only gonna get worse by Anonymous Coward · · Score: 0

      Is that really worse? Maybe the powers that be will finally realize that communications service is more basic than even the roads, and that having toll booths on every portion of the system is extremely inefficient and a waste of time. Then again, it could just make the government bureaucracy worse.

    3. Re:It's only gonna get worse by Anonymous Coward · · Score: 0

      Phones have something much like MAC-address, and when this MAC is matched against an IP-address, yes the billing will charge you after what IP-address you have. So changing the IP-address would actually work =)

    4. Re:It's only gonna get worse by Molander · · Score: 1

      >Billing is likely to be based on your source IP
      >address, so if you can spoof someone's address (and
      >probably circumvent a whole load of encryption and
      >authentication) you can probably end up with free
      >phone calls.

      Billing is NOT done on source IP address in a 3G network.

      Billing is done on your subscription identity that is stored on a SIM (Subscriber Identity Module, a smart card in the phone).

      /Thomas

      --
      -Sig-
    5. Re:It's only gonna get worse by Anonymous Coward · · Score: 0

      This is true, but after you have gotten an IP to your device, this IP is what you look after to charge you. If you can change it (and the router back to you of course) you wouldn't be charged, would you?

    6. Re:It's only gonna get worse by lars_stefan_axelsson · · Score: 2, Interesting
      This is true, but after you have gotten an IP to your device, this IP is what you look after to charge you. If you can change it (and the router back to you of course) you wouldn't be charged, would you?

      Actually, yes you would be charged. It's not the IP-address per se that the network looks at in a 3G network to decide who sent (or received) how many bytes to whom (or was active for a certain period of time, 3G allows both), but the tunnel ID.

      You see, all end user traffic in a 3G core network (which does the charging part) is tunneled over a protocol called GTP, each user (i.e. active PDP-context of each user and QoS level) has its own tunnel. The network never really looks at the end user traffic, it just switches tunnels. So in effect, changing your IP address would only prevent your IP stack at the mobile/laptop from accepting the packets, not the network from actually delivering and charging you for them. (Assuming PDP-type-IP).

      This is the way it must work if the operator is to be able to correctly isolate corporate customers, without any overlap with other customers. Corporates, that is, that may use private addresses and NAT to connect to the Internet per se. So, in effect your phone may not be the only one in the network with that very IP address.

      Now, IPv6 complicates matters some, but not much, the basic IPv4 3G infrastructure is still there.

      If you want to know more about these matters, it's no longer a secret. All the 3G specs can be found at 3GPP. Start with the 23.060 specification, it's the overview. From there on you can delve deeper into the charging and the GTP specs, though they are not for the faint of heart (and heavy to carry around too).

      --
      Stefan Axelsson
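
Added example (not part of the thread, and not operator or 3GPP code): a small model of the per-tunnel accounting described in the comment above, showing that a changed inner source address does not move the charge, and that two subscribers may hold the same private address. It assumes the 8-byte mandatory GTPv1-U header with a 32-bit tunnel endpoint ID standing in for the "tunnel ID"; `ChargingNode`, the subscriber labels and all packets are hypothetical, constructed samples.

```python
import socket
import struct
from collections import defaultdict

GTPU_GPDU = 0xFF  # GTPv1-U message type carrying one encapsulated user packet


def build_ipv4(src, dst, payload):
    """Constructed sample packet: minimal IPv4 header (checksum left at 0)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, 17, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload


def build_gpdu(teid, inner):
    """Wrap a user packet in the 8-byte mandatory GTPv1-U header."""
    # 0x30 = version 1, protocol type GTP, no optional fields
    return struct.pack("!BBHI", 0x30, GTPU_GPDU, len(inner), teid) + inner


def parse_gpdu(frame):
    """Return (teid, inner_packet); reject anything that is not a plain G-PDU."""
    if len(frame) < 8:
        raise ValueError("truncated GTP header")
    flags, msg_type, length, teid = struct.unpack("!BBHI", frame[:8])
    if flags >> 5 != 1 or msg_type != GTPU_GPDU:
        raise ValueError("not a GTPv1-U G-PDU")
    if flags & 0x07:
        raise ValueError("optional header fields are not handled here")
    if length != len(frame) - 8:
        raise ValueError("length field does not match frame size")
    return teid, frame[8:]


class ChargingNode:
    """Hypothetical core-network node: counts octets per tunnel, not per IP."""

    def __init__(self, contexts):
        self.contexts = contexts          # teid -> (subscriber, assigned_ip)
        self.octets = defaultdict(int)    # subscriber -> charged octets
        self.mismatches = []              # (teid, unexpected inner source)
        self.unknown_tunnels = 0

    def account(self, frame):
        teid, inner = parse_gpdu(frame)
        if teid not in self.contexts:
            self.unknown_tunnels += 1     # no PDP context: nothing to charge
            return None
        subscriber, assigned_ip = self.contexts[teid]
        self.octets[subscriber] += len(inner)   # charged whatever the source
        if len(inner) >= 20:
            source = socket.inet_ntoa(inner[12:16])
            if source != assigned_ip:     # worth logging: address was changed
                self.mismatches.append((teid, source))
        return subscriber


def run_demo():
    """Feed constructed frames through the node and return it for inspection."""
    contexts = {
        0x1001: ("subscriber-A", "10.0.0.5"),
        0x2002: ("subscriber-B", "10.0.0.5"),   # same private IP, other tunnel
    }
    node = ChargingNode(contexts)
    frames = [
        build_gpdu(0x1001, build_ipv4("10.0.0.5", "192.0.2.1", b"x" * 100)),
        build_gpdu(0x1001, build_ipv4("10.0.0.99", "192.0.2.1", b"y" * 50)),
        build_gpdu(0x2002, build_ipv4("10.0.0.5", "192.0.2.1", b"z" * 30)),
        build_gpdu(0x9999, build_ipv4("10.0.0.5", "192.0.2.1", b"q" * 10)),
    ]
    for frame in frames:
        node.account(frame)
    return node


if __name__ == "__main__":
    result = run_demo()
    print(dict(result.octets), result.mismatches, result.unknown_tunnels)
```

The second frame carries a changed source address but is still charged to subscriber-A, and it is recorded in `mismatches`, which is the signal an operator would log.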
    7. Re:It's only gonna get worse by Reemi · · Score: 1

      It is clear that you do not understand a thing about 3rd generation mobile networks.

      these networks use IPv6 as the transport for the call data
      Wrong. Networks can use IPv6, but do not need to. Most probably they will not initially. There is too much ATM out there. (Ever studied Voice over IP over ATM?)

      Billing is likely to be based on your source IP address
      Billing will not be based on your IP address. Your IP address will have no meaning within the network. Spoofing the normal way is out of the question.

      (and probably circumvent a whole load of encryption and authentication)
      ...is mostly done on the air-interface. Please explain to me how you intend to do this.

      SkRiPt KiDdIeS will have easy access to all the 3G networks the moment they dial up to the internet
      Those networks only transport data. If I use snailmail, my letter is able to control a mail distribution centre? (Bombs excluded)

      Please check http://www.3gpp.org in case you want to know more.

    8. Re:It's only gonna get worse by Anonymous Coward · · Score: 0
      Billing is likely to be based on your source IP address

      As others have said, it's not based on the IP. It is based on a set code. Remove your battery and look at the code. There's usually two numbers, one is hex, the other is dec. If you've ever bought a cell phone from a store and had to activate it, you would know. The reason for using IPv6 in wireless is purely for data. But even then the traffic still goes through some WAP gateway.

      Voice and data traffic will be going down the same backbone, with intelligent switches that decide what traffic is Internet data and what traffic is voice data.

      There's a new markup language (can't remember the site right now) being proposed to W3C that utilizes rules. I doubt this will be a problem, since the people proposing the new standard have been at this for a long time. Of course this doesn't mean it will be perfect right out of the gate, but as others have mentioned the way data is transferred for voice and data is different. Voice and data transmission have different requirements and tolerances, so they are handled differently.

    9. Re:It's only gonna get worse by BrookHarty · · Score: 3, Interesting

      Not true. 3G networks are built from the ground up with security and operability. There isn't the 100+ legacy issues to deal with. Our 3G network is an overlay network, it sits on top of the 2G network, and is deployed where the demand is, then rolled out on schedule. We have more firewalls, command and control networks, backup networks, and intrusion detection on these networks than on the 2G. This is the future of the company, we want to make sure it's damn secure and unbreakable, we get to build it right this time, perfect.

      Currently we don't use IPv6, Our phone IP space is nat'ed. But we don't even care about your IP, we bill on your IMSI which is programmed in your SIM Card. But yes, we have these neat sniffers that will show your phone from the (gb) base station link to the (gi) Internet connection. Nice real time ping pong charts that show your every move. Oh yes, and we have location based services, we know where you are. (For E911 etc..)

      Interesting fact, most of us read /. and attend the black hat security conferences. This is the place that hires the hackers. Hell I even have a copy of 2600 on my desk, nobody said a damn word. lol..
      -
      All comments are my own, not of my employer.

    10. Re:It's only gonna get worse by Anonymous Coward · · Score: 0

      I dunno who you work for, (the spin on your post seems like you used to be an engineer, but are now in sales/product management) but Security is NOT a top priority for most of the 3G developers.
      I've worked for a couple of big name infrastructure providers, and yes, for a short period of time, someone jumps up and down about security, something is implemented and then forgotten about.

      Think of it like this: your dad gets a virus on his home computer, he has to reinstall with your help, he patches everything up to date and promises to run windows-update every other day... the machine then sits as-is for the next couple years without any security updates; until the day he goes through the same procedure above...
      there is no, and will never be, an automatic "windows update" for the telco-infrastructure.. sorry charlie. In short, there is _so_much_ of this stuff out there which is getting overlooked in "upgrades" or "security patches" that is by default insecure.

      Another thing, firewalls, sniffers, IDS, and whatever else is USELESS unless it itself is kept up to date, and manned by a competent human... something of which there are very few of...

    11. Re:It's only gonna get worse by BrookHarty · · Score: 3, Insightful

      Security is never a concern for developers, but it better be for the operations group. Anyone can put in a node, but someone has to feed and water it while it's in production. We have teams that do this on a daily basis, more proactive than reactive, if you just sit by and wait for alarms, you can expect an alarm "You've been hacked..."

      BTW, I have to make sure my patches are up to date, and do regular security audits. But I'm doing 2G/3G data, which is a little different from voice. Though in the 3G voice/data world, it has more inter-dependencies than 2G.

  18. I work for a VoIP Telephony Company... by phunhippy · · Score: 5, Informative


    I helped build one of the world's largest VoIP companies & I know a few things about the telephony networks as a result. And what I read in the article is mostly wrong.. You can't just interconnect without a carrier knowing who you are, even with SS7. You need to have work orders generated, physical connections involved.. even in VoIP you need to set up CICs and point codes, testing of the connection..

    Also if anything the decentralization of the telephone networks has made them absolutely stronger as a reliable means of transport in times of failure now. It works on the same principle in effect as the internet. Where you can reach a destination via many different hops.

    For example.. in the old days if you wanted to call London, your call went across AT&T and that was that. Now with 5-10 serious International carriers if even 3 or 4 of the carriers have a facility outage for whatever reason (rare as it is) they can re-route calls to alternate carriers whereas before they would not be able to do that.

    What he seems to fail to mention is that within 10-15 years traditional telephone networks will be a thing of the past and phone service will be regulated to just being another service provided through one of a number of broadband pipes (fiber to your house, g3,g4,gwhatever wireless networks that come next) and the whole concept of a telco will change to the point where companies will serve merely as giant switching operations and "enhanced services" with almost zero physical infrastructure, which will also result in the fast drop of telephone pricing as the infrastructure costs dramatically.

    Some 7am blurred tired thoughts.. hope that was coherent enough.

    1. Re:I work for a VoIP Telephony Company... by Anonymous Coward · · Score: 0

      phone service will be regulated to just being

      I believe the word you wanted was relegated.

      -Your friendly neighborhood grammar nazi

  19. Verrrrrrrrry OLD news... by night_flyer · · Score: 2

    2001-12-05 21:23:51 MCI Worldcom networks hacked (articles,news) (rejected)

    and I used to work at MCI WorldCom, they were constantly fighting this...

    --


    Thanks to file sharing, I purchase more CDs
    Thanks to the RIAA, I buy them used...
  20. Our vital telco infrastructure must be protected! by S.+Baldrick · · Score: 2, Funny

    I volunteer to guard Eva Savalot.

  21. Telco - typical by fruey · · Score: 1

    Well this is hardly a surprise. Telcos make money per second that you are speaking, with the exception in some states of free local calls, a phenomenon hard to understand if you were brought up in Europe as I was.

    Their infrastructures have rarely been upgraded apart from by default, when old equipment goes obsolete, or in order to make more money with interoperability issues and by increasing international traffic.

    That they now realise they have a security issue is no surprise really; they are running stuff which is often vendor configured anyway. They have no value to add - the voice conversation is just a voice conversation. They just want you to stay for more and more minutes.

    Some have imaginatively added Caller ID, Voicemail, etc, but all with the interest of more minutes (you call back, you reply to calls even when you wouldn't usually because you can see who's calling, etc) rather than making a better network.

    Most Telcos have a monopoly on a geographical area anyway, the small fry always get eaten up. Better quality, higher speed dialup etc all come way after the technology has been available.

    The problem of course is that user choice is always limited; the Internet is democratic because you can choose your OS and run what you want, taking your own security. But the phone network you can do nothing about, you have to lump it and pay high rates because regulators tend, alarmingly, to protect the Telco way more than the consumer.

    Hopefully someone will make a big attack and wake them up. Not unlike Bin Laden. Whatever the morals of the story, the violence, the cause he was fighting for, one positive thing to come out of the tragedy was the shift in psychology of the average American, who has been forced to soul-search and reach out internationally to understand why some people hate America so much. The Telcos need to understand why the consumers hate them so much.

    I cannot think of one state where Telcos run losses on voice calls on fixed networks; GSM and 3G is a whole different ball game which should be taken apart from landline fixed telephony.

    --
    Conversion Rate Optimisation French / English consultant
  22. Godwin's law... by Anonymous Coward · · Score: 0

    Hey, we need to name that law. -1, uses terrorism as an argument just doesn't sound cool enough. We need to give that law a name... Laden's law? Or, let's do as Time magazine did: NYFD's law?

  23. There's a lot more to that story... by Arker · · Score: 3, Informative

    This guy has been following that story since it first hit, and if you follow all the links in that article you'll find out a lot more than might be good for your sanity.


    It's not one Israeli company, but two, Amdocs Ltd. and Comverse Infosys. Between the two of them they don't just handle all the billing but also play crucial roles in law enforcement wiretaps. The amount of damage some random joe can do with a good exploit is really pretty minor compared to the damage that can result when crucial infrastructure is under control of a foreign government - even if it's a government which is usually an ally.

    --
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-
    Friends don't let friends enable ecmascript.
    1. Re:There's a lot more to that story... by Anonymous Coward · · Score: 0

      You would think that a corporation dealing with tapping major parts of our communication would keep silent about it... Have a look at what Google gives us on this story: a nice full-blown ASP-based site!

      A fresh cut-and-paste:
      Welcome to Comverse Infosys...a global organiztion dedicated to providing Business Intelligence through the use of Intelligent Recording of voice, data and video. Our solutions are used by the world's leading corporations, financial institutions, global telecommunications network and government agencies. Please explore the links on this page to learn how Comverse Infosys can help your organization grow and prosper with Business Intelligence.

      Oh, and have a look at their logo: it's a guy in a purple suit/hat/tie (g-man material), he is standing on a globe, North America to be precise, and he is pulling on a cable that is going all around the back of the world (across some countries in eastern Europe) to end in a big mesh of cables originating from the south coast of the US ;-)

  24. there's not a vulnerability by tuj · · Score: 3, Insightful

    At the local level, your phone is switched by your neighborhood central office, which is basically a small building filled with relays (or nowadays, digital switching equipment). The most striking thing about COs is the battery room. They have racks upon racks of batteries that are constantly charged, and can provide power to run the CO at full load for roughly 12 hours. COs also have 2 diesel generators to recharge the batteries and enough fuel onsite to run the generators continuously for 2+ days.

    Think about it: how often has your phone gone out? And when it has, how often was your neighbor's phone out also? Remember, the phone system keeps working even when the power is out.

    The physical infrastructure is the most important layer. Everything else can be fixed relatively quickly in the event of an attack (DOS). It's trivial to sever a carrier from your network, but it's a major undertaking to replace physical infrastructure. As long as that is redundant, and relatively secure, your phones aren't going to stop working any time soon.

    1. Re:there's not a vulnerability by conway · · Score: 1
      Well, that is at least partially true.
      When the 9/11 attacks happened in NY, Verizon's central office near the tower was damaged.
      It still kept working for about 12 hours (not the 2 days you claim) on generator power, etc, before finally giving way.

      It took about a month until I got my DSL back, even though I'm miles from Manhattan! It turned out that Verizon's lines weren't nearly as redundant as they thought.

  25. Bellsouth for Example by RageMachine · · Score: 1, Insightful

    Let's take Bellsouth for an example.

    Someone overseas wants to knock out 99.9% of our communication. Let's say.. Russia, or Pakistan. All they would have to do is either cut the phiber backbones, or D.D.o.S the HELL out of the switches, or routers that ran the voice, or IP circuits. It isn't that complicated, provided you have the bandwidth. If one Bell company, like Bellsouth, was affected, then ALL the states under that region would fall under this attack, and every phone would be out.

    The amount of bandwidth you would need would almost be ludicrous, probably up around in the GB range if you had enough machines taken over. Bellsouth's main backbone is slightly over 12 gigabits from what I understand. (I heard this somewhere).

    It would not take much of a blow to knock out SWBell, or Bell$outh. Remember the M$ attack? The one where the guy aimed his tools at their routers? That was a full blown good, thought out, and planned attack. Let's apply the same to the Bells. More people would be affected. If all 4 baby Hells were brought to their knees, then maybe our senators would think twice before giving these idiots total control, and pass more laws in favor of joe user/admin/ISP. Why would they reconsider? Because they couldn't call Hollywood and ask for their paycheck, so THEN they would get pissed.

    --

    --------------------------
    Is this a sig?
    --------------------------
  26. Time for some change by meggito · · Score: 2

    The bells have been broken up for years and the only result has been the degradation of technology. We need the new small guys to step up to the plate and create something new and different and stop relying on the old outdated equipment the bells are using to continue to dominate the markets. The only way systems will be secure is if you create new, secure systems that are designed specifically to be secure. There will never be a completely secure system, at least not any time soon, but let's innovate and put a little more effort into improving or recreating what we have. Finally the VoIP guys are starting to create bigger and better methods and systems that require less bandwidth, are more reliable, and are more secure than the current system. The innovation is coming, but I've played with Cisco's VoIP system and I can tell you that even with their CCIEs there were a few weaknesses that were prominent in the new systems, though I admit that it isn't finished yet. The point is, as long as the new companies rise up to challenge the bells with the bells' own equipment nothing is going to happen. There will be no improvement, no innovation, and there will be more exploits and increased knowledge of these systems that can be exploited.

    1. Re:Time for some change by wljones · · Score: 1

      "The bells have been broken up for years and the only result has been the degradation of technology." This statement clearly demonstrates the ignorance of meggito, the poster. I have dealt with telephone since the days of hand cranked ringer codes and the upgrade to operator placed calls. Technology took off like a skyrocket with the end of the ATT monopoly, and attempts by Ma Bell to stall progress suffered ignominious defeat in all three branches of the federal government. Plain Old Telephone Service might have suffered (I don't think so), but technology has zoomed from 110 baud teletype to ADSL and from operator switch boards to sophisticated computers and equipment able to interface across international borders and their widely differing standards, including voltages, frequencies, coding, and impedances. I like the new order.

    2. Re:Time for some change by sphealey · · Score: 3, Insightful
      This statement clearly demonstrates the ignorance of meggito, the poster. I have dealt with telephone since the days of hand cranked ringer codes and the upgrade to operator placed calls. Technology took off like a skyrocket with the end of the ATT monopoly, and attempts by Ma Bell to stall progress suffered ignominious defeat in all three branches of the federal government. Plain Old Telephone Service might have suffered (I don't think so), but technology has zoomed

      Well, perhaps. From the viewpoint of Joe and Jane user, or Small Business Inc., how exactly have things "improved"? In 1970 you received somewhat overpriced telephone service from an arrogant and unresponsive bureaucracy - but that service was 100% reliable, of very high quality, and was managed by an organization that did actually spend some of its excess loot thinking about things like long-term planning, stability, disaster preparation, the future, etc.

      Today, we can choose from a bewildering array of "services", most of which we don't need, that appear to have a lower unit price but which after fees, surcharges, fees on fees, fees on surcharges, and opportunity costs of fighting through your bill (we have a full-time person doing that now) generally turn out to be more expensive than they were in 1970. And we receive these services from organizations which are not only just as arrogant as the Bell companies of 1970, but which often don't even bother to answer their phones and which can't find a person to fix your problem even when they do bother to answer. And which also tend to disappear overnight, taking your wonderful "services" with them.

      And, of course, the old Bell companies are still there (dealt with Verizon lately?), as arrogant and as profitable as ever.

      Now what was that "progress" you mentioned?

      sPh

  27. Criminals by October_30th · · Score: 0
    I wish we could get past the fact that the Jews have suffered horribly, etc

    And like kids who are beaten up and grow up to be abusers themselves, Israel has grown into bully of a nation that's occupying territory that's not rightfully theirs (west bank and gaza), runs a reign of terror there and for the last month has been preparing a Final Solution to the Palestinian Problem:

    Israel radio said Mr Liberman went further, urging the bombing of Palestinian civilian targets such as shopping centres and petrol stations. This would force the Palestinians to surrender and to agree to a cease-fire, he said.

    Foreign Minister Shimon Peres' reply was harsh. He warned that "if the ministers were to pursue that course of action, they would end up like Milosevic at the Hague," the radio reported.

    "I do not care", Mr Liberman replied.

    (Source: BBC News)

    There are American criminals, and Swedish criminals, and Mongolian criminals, and there are probably Israeli criminals too.

    Indeed. Not a single nation, race, religion, political system or individual is innocent.

    --
    The owls are not what they seem
  28. Why you're clueless. by Myself · · Score: 5, Insightful

    Point 1: When a telco person says "switch", it means something totally different than what a data person means when they say "switch". This is a persistent annoyance.

    You can't simply packet an ESS out of existence, because it doesn't know what a packet is. It's not connected to the internet. There are SS7 signaling links and X.25 control links, and maybe a few IP control links if you're lucky. None of them are connected to the internet. Your phone line is payload, not control.

    Exactly how do you propose to access the switch in order to DoS it? There are switch dialins, but most are pretty secure, and good luck finding them. You're planning to do a lot of wardialing first?

    Point 2: Telcos lie about bandwidth. When someone says they have a 10 Gigabit backbone, it means they own a couple OC192 circuits. Most of the channels in those circuits are probably not filled.

    That's like saying I can move a thousand shipping containers a day, because there's a large river between me and my destination, and seaports at each end. Nevermind that I don't own any ships!

    An OC192 circuit, for instance, can carry four OC48 signals, or 16 OC12 signals, or a mix thereof. Anything that adds up to 192 STS-1 payload envelopes, or equivalent concatenated payloads. You get the idea. Chances are, they're carrying one or two OC48s on the thing, and the rest is for future expansion. Each of those OC48s in turn is probably only 70% full.

    1. Re:Why you're clueless. by Anonymous Coward · · Score: 0

      > It's not connected to the internet. There
      > are SS7 signaling links and X.25 control
      > links, and maybe a few IP control links if
      > you're lucky. None of them are connected to
      > the internet. Your phone line is payload,
      > not control.

      Incorrect. First of all bear in mind that the vast majority of telcos are using HP-UX (not the most secure of operating systems). Secondly, a lot of telcos have added, for example, the Nortel DMS extensions to allow IP and telnetting directly to the switches to increase the speed of reporting, operator interaction and number of concurrent users on the switch itself.

      I know of at least one MAJOR carrier that has switch access available only 3 hops within a very large internet-connected IP network - protected only via ACLs (and not protected very well ;> )

      Telco operators care little about security, and passwords are often just multiples of a character. Bad logins are very rarely scrutinized, and often you'll find the passwords to at least semi-privileged accounts hardcoded into reporting systems.

      It's also possible with modern switches to monitor an in-progress call, with the callers having no idea that you're there. Often you can only reroute these to Option phones internally, but I'm sure someone who knows a bit more about switch innards could figure out how to bounce it out to anywhere.

      The threat is VERY real. This document actually underplays how precarious our phone systems are, I just wish there were more recent docs on the subject.

      Happy hunting :)

  29. this was old news in 1992 by zdburke · · Score: 1

    When did Bruce Sterling write The Hacker Crackdown? Ten years ago? This isn't exactly news. Incidentally, read Sterling's book if you haven't already -- it covers the early days of hacking AT&T unix systems, phone phreaking, the history of the US Secret Service and more. The EFF has it in a dozen-odd formats, there's an ebook version for the PalmReader, and just for grins you can even get it off The WELL's Gopher server(!).

  30. Wanna bet? The vulnerability is synchronization. by Myself · · Score: 5, Informative

    The entire infrastructure is carried on SONET equipment. (That's Synchronous Optical Network, and if you didn't know that, you should read up on it, it's neat stuff.) Being synchronous, this stuff royally shits if there's something wrong with the timing.

    Way back when T-carrier was first deployed, Bell realized this and set up a nationwide synchronization distribution. I think the master clock was in Kansas City. Anyway, the sync signal was distributed over wireline circuits to every central office in the country. Maybe Canada too?

    However, most interoffice links are fiber now, the same SONET rings that depend on such precise synchronization. Ring-timing is awkward, and without very careful planning, sync loops can form. (Long story, look it up. The short version is that when a SONET system loses sync, it doesn't carry traffic.)

    The modern concept is called BITS, or Building Integrated Timing Supply. Each office has a sync signal source, driven by an LPR (local primary reference) oscillator, which is in turn frequency-locked to a reference signal derived from GPS satellite signals.

    Yes, that's right, the whole telephone network will fall apart if the Global Positioning System stops transmitting. Depending on the stratum class of the LPR, it might be able to "hold over" for a couple days, maintaining an accurate timing signal in the absence of an upstream reference. They will eventually drift, and most offices only have stratum-3 units anyway.

    The network is so poorly planned in the first place, most transport engineers haven't got a clue about ring timing and such. They just hook each terminal to the BITS clock and hope it works, which it does, until something happens to the BITS clock. If all the BITSes in the network started drifting from one another, the system would slowly fail over a few days, as timing slips exceeded the tolerances of the various systems.

    If such a thing were to happen, don't bet on the ability to patch things up quickly. Recordkeeping is horrible, and even if it weren't, it would be a daunting task to spontaneously set up a new sync distribution network independent of GPS.

    I've heard on good authority that you wouldn't even need to take out the satellites themselves. A couple properly placed nuclear detonations could screw up the somethingsphere such that GPS signal propagation would suffer. Any physicists care to clarify?

  31. As I recall... by ThinkingGuy · · Score: 1

    On X (where X = a date sometime before 1980 = Bell's birthday | anniversary of Bell's death) , all telephone lines in North America went silent for Y (where Y= 1 | 2) second(s), as a tribute to Alexander Bell.

  32. Really though... by SkyLeach · · Score: 3, Interesting

    I don't want to cause a scare and I really don't want the FBI, CIA or anyone else coming to grill me but this information needs to be added...

    I used to work for a very large telecomm company and part of my job was to write software which helped to design networks for some of the largest companies in the US. I throw out the name AOL not because I worked on their network, but because they were one of the mid-sized networks, not the "big ones".

    My points are these.

    1.) It is very easy to get a map of ALL the major telecomm switching locations and backup generators.

    2.) Security is pretty lax, so most dedicated hackers and any mailroom worker could get the information.

    3.) Most POP locations are not even manned, much less guarded. A half-dozen backhoes and some cell phones would be enough to coordinate the destruction of about 90% of our telecomm system.

    4.) The weak point of every single network is the location of the equipment, not the pipe itself. Some people may argue that there is backup equipment. BS. There is NO backup equipment to replace those locations. The demand to keep up with new technology (DWDM, WLCS, and other cramming technologies) always exceeds the networks' staff, time, and budget. If the equipment was taken out in even a small percentage of the major backbone locations the entire network would fail, and it would be down for a very long time.

    --
    My $0.02 will always be worth more than your €0.02, so :-p
    1. Re:Really though... by regen · · Score: 2
      I'll second this idea.

      I used to work designing data networks for the New York Stock Exchange and associated companies, brokerages, etc... One of the biggest problems was that almost all of our telco services were provided out of one or two buildings. One of those buildings was the West St. CO, which was heavily damaged during the 9/11 attack and was one of the primary reasons the stock exchange had to close for several days.

      The only way to avoid this CO was to build our own telco infrastructure. We had to buy (not lease) 250 pair of fiber in a large ring around NYC to avoid the West St. CO. We looked at leasing the fiber but all the companies wanted to run the connection into West St.

      We then used point to point microwave link to backup key portions of the fiber ring.

      It turned out that all this still wasn't enough. One network connected to the Internet via a single major ISP via multiple POPs (from multiple data centers around NYC) and no two connections were supposed to have any common physical circuits. We even paid extra for this, but they had all circuits running through the West St. CO. From the IP layer and Circuit IDs it looked like everything was ok, but the telco didn't maintain physical diversity.

    2. Re:Really though... by DNS-and-BIND · · Score: 2
      Yup, that's Telco's idea of a redundant circuit...two wires in the same conduit.

      Seen it too many times.

      --
      Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    3. Re:Really though... by Graymalkin · · Score: 2

      This is even true in telcom diagrams in textbooks and so forth "oh yeah the backup cable is strung alongside the main wire". Woe to he that wonders aloud why the backup wiring runs along side the main wiring.

      --
      I'm a loner Dottie, a Rebel.
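The gap described in the sub-thread above (circuits that look separate by circuit ID and POP but share a central office or conduit) can be audited when the carrier supplies physical route records. This is an added example, not part of any comment in the thread; the inventory, field names and facility labels are constructed assumptions.

```python
from collections import defaultdict

# Constructed inventory (not real circuit data). Each record lists the
# physical facilities a circuit traverses, in order, as they might appear
# in route records obtained from the carrier. All names are hypothetical.
CIRCUITS = [
    {"id": "CKT-1001", "group": "isp-uplinks", "pop": "POP-A",
     "path": ["DC-NORTH", "conduit-17", "CO-X", "conduit-02", "POP-A"]},
    {"id": "CKT-1002", "group": "isp-uplinks", "pop": "POP-B",
     "path": ["DC-EAST", "conduit-31", "CO-X", "conduit-05", "POP-B"]},
    {"id": "CKT-1003", "group": "isp-uplinks", "pop": "POP-C",
     "path": ["DC-SOUTH", "conduit-44", "CO-X", "conduit-02", "POP-C"]},
    {"id": "CKT-2001", "group": "ring-backup", "pop": "POP-D",
     "path": ["DC-NORTH", "mw-tower-1", "mw-tower-2", "POP-D"]},
    {"id": "CKT-2002", "group": "ring-backup", "pop": "POP-E",
     "path": ["DC-EAST", "conduit-60", "CO-Y", "POP-E"]},
]


def members(circuits, group):
    """Circuits that were ordered as mutually diverse under one group name."""
    return [c for c in circuits if c["group"] == group]


def logical_view_is_diverse(circuits, group):
    """The view from the IP layer and circuit IDs: distinct IDs and POPs."""
    ms = members(circuits, group)
    ids = {c["id"] for c in ms}
    pops = {c["pop"] for c in ms}
    return len(ids) == len(ms) and len(pops) == len(ms)


def shared_facilities(circuits, group):
    """Map every facility used by two or more circuits to those circuits."""
    users = defaultdict(set)
    for c in members(circuits, group):
        for facility in set(c["path"]):
            users[facility].add(c["id"])
    return {f: sorted(ids) for f, ids in users.items() if len(ids) > 1}


def single_points_of_failure(circuits, group):
    """Facilities whose loss takes down every circuit in the group."""
    ms = members(circuits, group)
    if not ms:
        return []
    common = set(ms[0]["path"])
    for c in ms[1:]:
        common &= set(c["path"])
    return sorted(common)


def surviving_circuits(circuits, group, failed):
    """Circuit IDs still up after the listed facilities are lost."""
    failed = set(failed)
    return sorted(c["id"] for c in members(circuits, group)
                  if failed.isdisjoint(c["path"]))


def audit(circuits, group):
    """Summarise logical versus physical diversity for one group."""
    return {
        "logical_ok": logical_view_is_diverse(circuits, group),
        "shared": shared_facilities(circuits, group),
        "spof": single_points_of_failure(circuits, group),
    }


if __name__ == "__main__":
    for g in ("isp-uplinks", "ring-backup"):
        print(g, audit(CIRCUITS, g))
```

The "isp-uplinks" group passes the logical check while every member crosses the same central office, which is the situation the comment describes; the audit is only as good as the route records the carrier provides.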
  33. black hats and phone systems by Anonymous Coward · · Score: 0

    Uh.. anyone heard of phreaks? Black hats have been playing with phones for a long, long time. Although most these days are more interested in wireless.

  34. DOS'es already occur... by Anonymous Coward · · Score: 0

    Exactly 6 months ago the phone system in New York was brought down as a consequence of a terrorist attack.

    And here in the UK, about a month ago, the phone system in multiple areas collapsed during a TV show phone-in.

    So can you really propose that these systems are robust?

    1. Re:DOS'es already occur... by kylegordon · · Score: 1

      Since when did it collapse??! For Pop Idol they limited the amount of lines they had in order to prevent a collapse from occurring.

  35. Switches, Packets, and Script Kiddies, Oh My! by pagley · · Score: 3, Informative

    Wow, "Myself", that's probably the most intelligent response I've read so far! And for what it's worth, I totally agree, and people need to make an effort to understand the difference between a "data switch" and a "voice switch"!

    Simple fact - 99.9% of basic wired telco infrastructure is completely IP "unaware". In other words, no IP address, doesn't have a clue what TCP/IP is, nor does it care. Granted, the new wireless technologies are more/heavily IP based, but that's a different matter - wireless services always have been, and likely always will be many orders of magnitude more vulnerable to abuse/attack purely because of the uncontrolled nature of the transmission medium (without wires, hence wireless). But I digress...

    Of the equipment that does have an IP address, 99.9% of it is privately addressed or firewalled or simply not physically or logically connected to another network.

    The only way to "DoS" a switch is to use up the DS0s on its switching backplane (or whatever, the terminology varies). Even on a tiny switch (5ESS VCDX, etc), this can be multiple hundreds of simultaneous calls.

    Then what happens you ask? Simple really, no dial tone to the customer. Your phone doesn't explode, melt down, or otherwise. Nor does the switch "crash". Would it be easily detectable? Without doubt. Would the phone company know where it was coming from or what was causing it? Sure they would.

    And, to add to this, most people don't have the slightest clue that dedicated nailed-up circuits (such as PtP T1s) never see a switch. That data is split/multiplexed out of the fiber and handled independently of switched data. It can't be "jumped" onto another circuit, or have some "magic packet" sent to it to allow it to then connect itself to another circuit or timeslot. Hence the term "nailed-up". Even frame relay is external to the switched voice network for the most part.

    What is quite possibly vulnerable is the internal IP (ie computer) network of a particular phone company, or possibly dialup administration modems connected to craft interfaces on various bits of telco gear. But cracking a single telco or exchange and using it as the source of a massive nationwide DoS attack on other carriers isn't going to happen anytime soon.

    What's far more likely is a very low-tech attack on the physical infrastructure. Even with redundant facility (logical, physical, and route), there always comes a point in a network that a single "failure point" can bite you. It only depends on how fine-grained your idea of "single point" is.

    As far as DoS'ing a "router", how exactly is that different than what happens to routers now? Happens all the time now, so what else is new? :)

    1. Re:Switches, Packets, and Script Kiddies, Oh My! by Anonymous Coward · · Score: 1, Insightful


      Agreed 100%. I'm a former telco engineer now in the ISP world. It's funny to see how many Slashdot groupies and script kiddies think the telco infrastructure is going to crumble tomorrow to IP. I agree completely that the old one trunk, one call paradigm has a limited lifespan, but the IP world is built on a very weak foundation. ISPs and the IP networking world in general have a lot to learn about building mission-critical systems, testing, and offering services that actually work. (Case in point, how many telco switches crashed on 9/11 versus websites and ISP infrastructure?)

      As for the SS7 security posts, SS7 is no more vulnerable than BGP, and it operates on basically the same principle as trusting your neighbor.

      The IP world is basically one big cluster f*ck that somehow works. The telcos are big, clumsy, and slow to implement new technology, but they're that way for a reason. God help us when your telephone service depends on cron jobs and BIND.

    2. Re:Switches, Packets, and Script Kiddies, Oh My! by Anonymous Coward · · Score: 0
      Wow, "Myself", that's probably the most intelligent response I've read so far!

      Yup, I want to pat "myself" on the back for thinking of it!

  36. Re:Wanna bet? The vulnerability is synchronization by Orangedog_on_crack · · Score: 5, Insightful

    You are correct about the vulnerability due to telecom's dependence on the GPS system. If the GPS network over the US were to go down, it would cause a lot of problems, but it would not crash the entire phone system nationwide. Many central offices, at least the larger ones, have a cesium clock for timing purposes (I'm an engineer at one of the big 4 telecoms and I'm very familiar with our BITS standards). These can go weeks without a slip but eventually they will start to lose sync. Sites that have only stratum 3 backups are few and far between. Almost all sites that rely on GPS timing have at least a stratum 1 backup. From what I know of my company's and the others' SOPs, the industry operates on the belief that if the GPS network goes, we expect it to be back up before the cesium clocks would begin to slip. Stratum 1 can go for a few days, so it would be my estimate that we would encounter problems with the phone networks, major disruptions would be avoided if GPS can be restored within a week. I believe that this theory follows the line of thought that if the GPS network is down for longer than that, something nearly catastrophic would have to have happened...something so bad that having the phones screwed up would be the least of the country's problems. If something were to happen that takes out GPS sats, it would almost certainly take out a lot of other satellites. Now THAT would really screw us. If you remember what happened in the summer of 1998 when just one communication satellite went down, then you know what I mean. Almost all ATM and credit card transactions, as well as a lot of pagers (mine included) came to a screeching halt. Take out GPS and a dozen other satellites and things get really scary.

  37. Reality check by Anonymous Coward · · Score: 1, Interesting

    Yes, the management plane is separate. However, it's horribly insecure: You can simply ring the doorbell and walk into the COs in my area, tour around and leave. I've done it a few times, covering three offices. Face it, the only security is the wall of jargon and the priesthood of odd procedures that goes with the public phone network.

    [I type this as I latch-up the console on a local ADM and hop around a ring which has a couple of SLICs and a cosmos console on it]

    1. Re:Reality check by Anonymous Coward · · Score: 0

      and of course last week Slashdot was whining about how hard the CLECs have it. Never able to get into a CO without an armed guard. Not able to use a bathroom without a national guard escort.

  38. Around here it's secure, but not perfect by Anonymous Coward · · Score: 0

    I work at a telco. If you really want to hack, you'd have to get in the telco offices building and/or the telco internal network. You need a magnetic card at minimum to enter the place; important places have security guards. Magnetic cards give you access to parts of the building; there may be doors with a code to enter on the door. If you're there, you need to know where the production servers are or use the network; you'd better know the username and password and have the proper SecurId card. Of course everything is logged (for important servers, they'll know what you changed in addition to from where and who you are). For DMS it's even more of a pain to access them. Production servers are tested for exploits on a semi-regular basis. Not to mention IP access lists on the routers and switches to limit from where you can try to connect to the server.

    1. Re:Around here it's secure, but not perfect by Anonymous Coward · · Score: 0

      You need a magnetic card at minimum to enter the place; important places have security guards

      I've worked at a Telco, too (the one where Truth is over the Horizon). Sure, we field techs were issued key cards... about 5 months after we started. How did we get into the building without a card? Buzz for the 'guard' to open the door, or wait until someone else went in/out.
      The guards were worthless, except to open the doors as above.

      Magnetic cards give you access to parts of the building; there may be doors with a code to enter on the door.

      True. But in at least one CO I was at, we field techs were given the code to the ground floor frame room. Why? The bathroom was through it!
      And, again, waiting for someone else to go through was possible.

      If you're there, you need to know where the production servers are or use the network, you better know the username, password and have the proper SecurId card.

      I found out my boss's login/password after less than a month. Without even trying - I just overheard some other people talking about it.

      Besides - all the 'fun' stuff could be done by social engineering the Facs, Specials, or Remac people....

  39. Please mod up the parent post. by Futurepower(tm) · · Score: 1, Offtopic


    Someone please mod up the parent post.

    --
    Bush's education improvements were
  40. Two words by Anonymous Coward · · Score: 0

    Kevin Mitnick.

    I take it you have never heard of him, or how he hacked the phone company. And the really amazing thing about Mitnick is how sloppy he was.

    So much for your theory; in practice, it's a different story.

  41. Re:Wanna bet? The vulnerability is synchronization by PureFiction · · Score: 3, Informative

    You are vastly oversimplifying the concept of a timing source.

    A true reference clock takes a number of inputs, GPS being a less desired form. Almost all of the major carriers also include an atomic clock as part of their reference.

    The military pioneered the design of insane consistency when it comes to reference clock signals, with entire 1000+ page documents describing the various levels of reliability and consistency and the proper combination of all sorts of timing sources from GPS to atomic clocks.

    The phone networks will not go down if GPS does.

  42. Re:Our vital telco infrastructure must be protecte by /dev/trash · · Score: 1
    I volunteer to guard Eva Savalot.

    Okay but you gotta guard carrotTop and Mr. T as well...

  43. Reliability of Internet and phone networks by Anonymous Coward · · Score: 0

    The reliability of the current Internet has been studied by Labovitz et al. [1]. They have studied different ISPs over several months, and report a median network availability equivalent to a downtime of 471 min/year and higher. By contrast Kuhn [2] found that the average downtime in phone networks is less than 5 min/year.

    As users we have all experienced network down-time when our link is unavailable, or some part of the network is unreachable. On occasions, connectivity is lost for long periods while routers reconfigure their tables and converge to a new topology. Labovitz et al. [3] observed that the Internet recovers slowly, with an average BGP convergence time of 3 minutes, and frequently takes over 15 minutes.

    On the other hand, SONET/SDH rings, through the use of pre-computed backup paths, are required to recover in less than 50ms; a glitch that is barely noticeable in a network connection or phone conversation.

    [1] C. Labovitz, A. Ahuja, F. Jahanian, Experimental Study of Internet Stability and Wide-Area Network Failures. University of Michigan Technical Report CSE-TR-382-98.
    [2] R. Kuhn, Sources of Failure in the Public Switched Telephone Network. IEEE Computer, Vol. 30, No. 4, April 1997.
    [3] C. Labovitz, A. Ahuja, A. Bose, F. Jahanian, "Delayed Internet Routing Convergence". IEEE/ACM Transactions On Networking, Vol. 9, No. 3, June 2001.

  44. I work for a Telco by Anonymous Coward · · Score: 1, Informative

    I'm a Sr. Technical Manager with a BIG phone company. While I agree that the protocols involved in telephony (SS7 and IP) are insecure, it is VERY difficult to get into our infrastructure. All signaling rides on our own pipe and it is in NO WAY attached, F/W or gateway onto the internet. SS7 is used for call setup and services. It only exists between CO to CO. There is no way an outsider could tap it. IP is ONLY used for provisioning and maintenance. Even if you get in onto the Central Office IP network, you could do Nothing. SS7 is a very flat and complex protocol. Script Kiddies would pull out every strand of their hair before they figure out SS7 and its various operations. We have a very extensive surveillance system from Agilent called AcceSS7. Let's put it this way, if you are doing toll fraud or anything you should not be doing, We'll see it.
    What bothers me is the future of telephony. Our switches (5ESS, DMS-100, ESWD) are approaching end of life and will eventually (5 years) be replaced by soft switches, media gateways, gateway controllers and the likes of VoIP, RTP, SIP, H.323, etc. The signaling will be not only within the CO but also to the end station. This will be a security architecture nightmare... Just my $.02

    1. Re:I work for a Telco by MSOffice_Clippy · · Score: 0

      You obviously don't work with the PSTN then.

      Billing server? The only access one has to the DPP or the SDS is through the switch itself. Switching server? The computing module in the switch is the part that makes all of the decisions, not some mysterious switching server.

      People who have no idea what they are talking about should keep their mouth SHUT. The amount of disinformation in this thread is incredible.

      (props to those who actually KNOW what they're talking about... you know who you are.)

  45. I work for a Telco by jloukinas · · Score: 1, Informative

    I work for a Telco and our security is terrible. The only time something gets replaced is when you can no longer get parts. Most of the hardware switched stuff like actual line circuits are in good shape but someone could cause lots of bad things to happen having access to billing and switching servers. The stuff that actually sends commands to those switches telling them what to do!

  46. Moron by NDPTAL85 · · Score: 1

    Kevin Mitnick's time was back when the telephone system was old and very centralized. That's not what the person you are replying to is talking about at all. In today's world Kevin Mitnick wouldn't be able to have nearly as much of an effect.

    --
    Mac OS X and Windows XP working side by side to fight back the night.
  47. Re:Speculating about viruses hitting mobile phones by Anonymous Coward · · Score: 0

    GSM worms have been observed in the 'wild' for over a year.
    It primarily depends on the GSM phone you carry and if you are in many people's GSM phonebooks.

    ...just like the melissa 'virus' (read: worm), however tailored to your type of phone.

  48. Umm, no by chainsaw1 · · Score: 2

    As a person who works with energy trading systems for a living and who gets to spend time on the trading floor for IT stuff, I feel entitled to respond.

    If you are referring to power brokerage, the answer is that you are mostly incorrect. A few trading systems support IP trading brokerage between similar systems, but not many. Most trades are done by telephone or (and I shit-you-not) AIM/Yahoo Messenger. We have had people actually ask us to not let people enter deals into the trading system if the deal was wrong for some reason. (Umm, sir, if the deal has already been made, what good will it do to keep it out of the system if you don't like it? cough cough enron cough)

    Now, if you are referring to power generation assets in the field communicating to a central point as to their status, I wouldn't know, because IT has kept me from using my engineering degree for a while...

    my 2 bits

    --
    - Sig
    1. Re:Umm, no by digitalunity · · Score: 2

      Absolutely, I know a few marketers and they spend about 12 hours a day on the phone. That's all they do. But, that's just the Market Path. That's just business. You should check out the process of Pre Scheduling and Real Time Scheduling. Most of this is coordinated over the internet with little use of the telephone for many places.

      Because of FERC 888 and 889, now when you transfer power openly across multiple Transmission providers, you must let them all either Passively or Actively accept the transfer. Most of this requires little human interaction and the ETags do most of the coordination (on the internet).

      And Yahoo Messenger? I believe you. That's got to be a really smooth way to make a deal; if you type fast enough :)

      --
      You can't legislate goodness. Let each to his own destiny, by will of his freely made choices.
    2. Re:Umm, no by chainsaw1 · · Score: 1

      I guess the scheduling desk orders transport based on the system whomever is managing the lines uses to keep track of the transport (and to NERC tag it, whatever). Unfortunately, I haven't had much exposure to the transport desks. The most exposure I have had is watching a physicals trader and a basis trader go at it because the basis was making the physical deal (which was apparently a good deal) go in the red.

      I learned a few new words that day, and how to use them to describe another person's shortcomings... :)

      --
      - Sig
  49. 12B?! by _ph1ux_ · · Score: 3, Insightful

    I don't buy that. 12 billion in fraud? no.

    Maybe I would feel a little more compassionate for these companies were it not for the *many* times they have ripped me off, overcharged me, pretended to offer a special deal that they would only uphold if you called them up and complained about not getting what you were promised.

    I say screw the phone co's and all other companies that have similar slimy practices. Good for those that have ripped them off for 12B. VOIP anyone... there are still companies out there that, even though they have shitty executives, (www.quicknet.net) are offering voip services at affordable rates.

  50. Re:how do you think the majors DOS are done unseen by Anonymous Coward · · Score: 0

    http://h0n3yp0t.cc/

  51. Re:A much better telco story... by Anonymous Coward · · Score: 0

    I wish we could get past the fact that the Jews have suffered horribly, etc., and appreciate the fact that there are bad people in all denominations.

    (Score:-1, Troll)

    Hehe, guess not.

  52. Re:Wanna bet? The vulnerability is synchronization by Myself · · Score: 2

    I'm aware that a good reference has multiple inputs, I'm simply saying that there isn't a good reference at most offices.

    The COs I've been in have a Telecom Solutions (by Symmetricom) DCD-LPR with GPS GTI cards feeding a DCD-ST2 with Stratum-2 oscillators, which drives the TOxA cards to feed the BITS-clocked network elements in the office.

    In such a situation, if the GTI boards lose lock, the ST2 shelf goes into holdover, where it should be good for a few days. (I don't have the specs in front of me.) Equipment still has timing, it's just not locked to anything in particular. The switch and stuff will continue to run, but interoffice links will suffer as slip increases.

    I'm sure all the major carriers had a Cesium reference in an office at one time, but nowadays I don't think that's used for anything. It's simply too awkward to push that signal out to each office. The GPS constellation is considered the primary reference.

    The phone system won't go down completely, but it will break up into islands until a terrestrial sync distribution system can be established, or GPS can be restored.

    Sure, the GPS satellites could be taken out by a rogue nation with too much laser power on their hands. The orbit data are public, after all. It's not a direct military strike, just a nasty thing to do, with repercussions that wouldn't be realized until after the fact.