Telco Networks Open to Attack? 118
Cally writes: "This post to NANOG summarises Dave Henderson's paper (.ppt: HTML in Google cache, grep for 'Now Really Public') from the Internetwork Interoperability Test Coordination Committee, about the state of security in the public switched (telephone) network: wide open and "very fragile with a tremendous number of vulnerabilities". Apparently, there's $12b in fraud per year, growing interest from blackhat groups, and more, better, intruder tools. We often hear talk of "information warfare attacks that could result in the draining of bank reserves and the cutting off of power sources" from budget-and-PR hungry, but clue-light, politicians and wonks these days. When an experienced engineer uses such language, it's more worrying." We've also had submissions of this AP article speculating about viruses hitting mobile phones.
CWA up-plays the situation for their own interest (Score:2)
The security argument is just a gimmick to win other people over to their side. But their real motive for this racist missive is their planned strike.
Re:H-1B Secutiry Threat (Score:1)
how do you think the majors DOS are done unseen ? (Score:1, Troll)
It's a shame this company is calling 500 meters from it's location, but will have a phone bill showing relays in almost every old Alcatel customers. I mean the chinese phone system is not porous. It's dead open...
Don't try in Manhattan but in remote USA the old cheese boxes still works if you want to hack i,to ATT long distance...
Heterogenous system with a LOT of Legacy Code / Hardware...
a dream...
Scarier thought (Score:3)
In light of this article and the probability that the public phone system is very susceptible to a terrorist or otherwise dangerous attack, shouldn't there be a dedicated messaging medium for the power grid? Say, Satellite or Microwave? I realize how daunting a project would be, as well as how cost prohibitive, but look at it this way: A foreign or national threat doesn't attack the power generation facilities, instead, they DDoS a server responsible for scheduling the power delivery. Thus preventing or decreasing the reliability of this power grid. Statewide or even interstate power blackouts are just one of a million effects of such an attack.
I'm not proclaiming a doomsday here, but with the current plight of Enron, shouldn't there be a little more scrutiny?
Related links:
FERC - Federal Energy Regulatory Commission [ferc.fed.us]
NERC - North American Electric Reliability Coucil [nerc.com]
Re:Scarier thought (Score:1, Funny)
Re:Scarier thought (Score:2)
While some power sale transactions no doubt go over the Internet, I doubt very very much that any mission-critical dispatch information is being transmitted that way. For obvious reasons.
sPh
Re:Scarier thought (Score:2)
In fact, both on the CISO and EISO, ALL power transactions are coordinated through the internet by way of the ETag 1.67 or ETag 1.7 messaging, along with the OASIS power reservation system. This includes mission critical power delivery systems. With the increasing load and complexity of loading systems, manual operation is very tedious and a little fragile because human errors are so prone.
You need to do a little research if you don't think we aren't vulnerable.
Umm, no (Score:2)
If you are referring to power brokerage, the answer is that you are mostly incorrect. A few trading systems support IP trading brokerage between similar systems, but not many. Most trades are done by telephone or (and I shit-you-not) AIM/Yahoo Messenger. we have had people actaully ask us to not let people enter deals into the trading system if the deals was wrong for some reason. (Umm, sir, if the deals has already been made, what good will it do to keep it out of the system if you don't like it? cough cough enron cough)
Now, if you are referring to power generation assets in the field communicating to a central point as to their status, I wouldn't know, because IT has kept me from using my engineering degree for a while...
my 2 bits
Re:Umm, no (Score:2)
Because of FERC 888 and 889, now when you transfer power openly across multiple Transmission providers, you must let them all either Passively or Actively accept the transfer. Most of this requires little human interaction and the ETags do most of the coordination(on the internet).
And Yahoo Messenger? I believe you. That's got to be a really smooth way to make a deal; if you type fast enough
Re:Umm, no (Score:1)
I learned a few new words that day, and how to use them to describe another persons shortcomings...
Just occasionally the policy wonks are right. (Score:3)
SS7's oversimplified security (Score:2, Insightful)
Any LAN administrator oversees a more balanced aproach, e.g., preventing most user with rights to clear the print que, from deleting all printer software, or deleting anything else. Until SS7's security is better implemented, abuse will be rampant.
-Nathaniel
Re:SS7's oversimplified security (Score:1)
At the end of the day, we have to trust the network ops that have access, in the same way we would trust banks etc.
James
Time to start worrying... (Score:3, Funny)
Yep, sure is... those engineering degrees ain't what they used to be...
Re:Time to start worrying... (Score:2, Insightful)
Speculating about viruses hitting mobile phones. (Score:1)
Re:Speculating about viruses hitting mobile phones (Score:2, Informative)
Re:Speculating about viruses hitting mobile phones (Score:1)
Er what grief?
As far as I know not a single mobile virus has struck.
There was a virus (Spanish?)which infiltrated email systems (Outlook) and sent email to a SMS gateway (email to text message gateway.) and hence caused spam messages to appear on phones, but no phone to phone transmission. (.NET on my phone...no thanks.)
Oh and we have one mobile system we can use across our whole continent and several others!
I think that is the sort of "grief" you need in the USA.
Re:Speculating about viruses hitting mobile phones (Score:1)
phone owners in Japan and Europe." It goes on to give more detail, of course. Granted, it does say that there has been no phone to phone propogation of code, but I don't think that is such a huge leap of thinking to make.
And, yes, we have one mobile phone system, one landline phone system, one operating system, and one office suite. I think that is the sort of "grief" we have in the USA.
Analysis links for those viruses on cellphones. (Score:1)
VBS/Timo-A [sophos.com]
VBS/San-A [sophos.com]
Disintegration of the Bell System (Score:3, Insightful)
Re:Disintegration of the Bell System (Score:1)
Re:Disintegration of the Bell System (Score:1)
Re:Disintegration of the Bell System (Score:1)
I'm afaid this analogy is rather unaccurate for several reasons. Contrary to traditional blue-collar rhetoric, neither the rail empires nor the steel magnates voluntarily let their infrastructure crumble in order to maximze their profits.
The construction of America's interstate system in the 1940's and 50's brought with it an explosion in cheaper (relative to rail) freight service via large trucks. This major blow to the railroad's traditonal revenue streams, long-distance freight service, precipitated an almost complete collapse of most publicly owned rail systems in less than a decade. (read::Conrail)
As for steel, the late 1970's and early 80's trend towards increased unionization made it more economically rational for firms to buy raw steel imported from South America and Southern Asia where reduced labor costs brought the total costs to less than 1/5 of the domestically produced alternative. Perhaps if more capital was invested
in automation (read::South Asia), the decline of American steel could have been averted.
The demise of both examples is a result of obsolence brought about by technolgical change. The telcos are probably immune to any similar paradigm shift as they will own exclusive rights to whatever technology replaces the current telecommunications infrastructure (this include wireless since the telcos have invested ungodly sums of money to "rent" most of the usefull UHF and microwave spectrums).
If the 'phones did go down... (Score:3, Interesting)
Maybe slightly off topic... but I do recall reading that upon Alexander Graham Bells death, all the telephone networks went silent for a period of 1min (?) as a mark of respect.
If that happend today the world would panic
Would stock markets crash and water/rail etc networks to go tits-up because of a major 1min phone outage?
We dont realise how dependent we are on the telephone! :-)
(Also... try subsetuteing telephones for oil in the above post
Re:If the 'phones did go down... (Score:2)
a real company with a real emergency contingency plan will see it as a minor inconvience. Internet will probably still operate (espically with Cable modems in areas where they switched to a fiber infrastructure that is outside the telco control.)
Plus noone can do something and take down ALL telcos. not possible no way. Yes you can crash all of mci and ATT but you wont crash the allendale telephone company, or GTE local services.
Wanna bet? The vulnerability is synchronization. (Score:5, Informative)
Way back when T-carrier was first deployed, Bell realized this and set up a nationwide synchronization distribution. I think the master clock was in Kansas City. Anyway, the sync signal was distributed over wireline circuits to every central office in the country. Maybe Canada too?
However, most interoffice links are fiber now, the same SONET rings that depend on such precise synchronization. Ring-timing is awkward, and without very careful planning, sync loops can form. (Long story, look it up. The short version is that when a SONET system loses sync, it doesn't carry traffic.)
The modern concept is called BITS, or Building Integrated Timing Supply. Each office has a sync signal source, driven by an LPR (local primary reference) oscillator, which is in turn frequency-locked to a reference signal derived from GPS satellite signals.
Yes, that's right, the whole telephone network will fall apart if the Global Positioning System stops transmitting. Depending on the stratum class of the LPR, it might be able to "hold over" for a couple days, maintaining an accurate timing signal in the absence of an upstream reference. They will eventually drift, and most offices only have stratum-3 units anyway.
The network is so poorly planned in the first place, most transport engineers haven't got a clue about ring timing and such. They just hook each terminal to the BITS clock and hope it works, which it does, until something happens to the BITS clock. If all the BITSes in the network started drifting from one another, the system would slowly fail over a few days, as timing slips exceeded the tolerances of the various systems.
If such a thing were to happen, don't bet on the ability to patch things up quickly. Recordkeeping is horrible, and even if it weren't, it would be a daunting task to spontaneously set up a new sync distribution network independent of GPS.
I've heard on good authority that you wouldn't even need to take out the satellites themselves. A couple properly placed nuclear detinations could screw up the somethingsphere such that GPS signal propagation would suffer. Any physicists care to clarify?
Re:Wanna bet? The vulnerability is synchronization (Score:5, Insightful)
Re:Wanna bet? The vulnerability is synchronization (Score:3, Informative)
A true reference clock takes a number of inputs, GPS being a less desired form. Almost all of the major carriers also include an atomic clock as part of their reference.
The militiary pioneered the design of insane consistency when it comes to reference clock signals, with entire 1000+ page documetns describing the various levels of reliability and consistency and the proper combination of all sorts of timing sources from GPS to atomic clocks.
The phone networks will not go down if GPS does.
Re:Wanna bet? The vulnerability is synchronization (Score:2)
The CO's I've been in have a Telecom Solutions (by Symmetricom) DCD-LPR with GPS GTI cards feeding a DCD-ST2 with Stratum-2 oscillators, which drives the TOxA cards to feed the BITS-clocked network elements in the office.
In such a situation, if the GTI boards lose lock, the ST2 shelf goes into holdover, where it should be good for a few days. (I don't have the specs in front of me.) Equipment still has timing, it's just not locked to anything in particular. The switch and stuff will continue to run, but interoffice links will suffer as slip increases.
I'm sure all the major carriers had a Cesium reference in an office at one time, but nowadays I don't think that's used for anything. It's simply too awkward to push that signal out to each office. The GPS constellation is considered the primary reference.
The phone system won't go down completely, but it will break up into islands until a terrestrial sync distribution system can be established, or GPS can be restored.
Sure, the GPS satellites could be taken out by a rogue nation with too much laser power on their hands. The orbit data are public, after all. It's not a direct military strike, just a nasty thing to do, with repercussions that wouldn't be realized until after the fact.
Re:If the 'phones did go down... (Score:2)
In fact, about 4 years ago Quebec experienced the worst ice storm ever recorded in North America. Electricity and phone service were cut off in some urban areas for up to six weeks. No panic or mass disorder that I am aware of; just a lot of people working very hard to get things cleaned up and running again.
The only people who would "panic" over a 1 minute phone outage are those already in line for a Darwin Award.
sPh
As I recall... (Score:1)
Re:If the 'phones did go down... (Score:1)
We dont realise how dependent we are on the telephone!
We're not that dependent, all of us have lasted much longer than a minute without talking to anybody (days, months, years?)
Now if the telephone system suddenly stopped then that's another story, until we get broadband to everybody then not many will have access to the internet in a time of crisis such as the telephone and television lines being severed
We'll always have radio I suppose...
Another link for the source document (Score:2, Informative)
This seems to contain the same information in what I found was a tad easier to read although it is in word format so it may not be for everyone.
Re:Another link for the source document (Score:1)
Here it is in proper HTML :-)
http://dax.joh.cam.ac.uk/~james/ntc24.html [cam.ac.uk]
(yes, I turned it into Microsoft's attempt at HTML in Word - then fixed it with Tidy and Emacs :P) It does look rather better than the one linked in the article, though...
it's true (Score:1)
Re:it's true (Score:1)
Just because something has an IP doesn't mean its on what most people know as the www.
I mean common, anyone with a LAN knows this. My IP is 192.168.0.2 but you cannot see that from where you sit.
Anyways, I'd like to think there is more than one transatlantic carrier.
Tom
It's only gonna get worse (Score:3, Interesting)
For those that are interested, there's various IPv4-IPv6 tunnels around that are open for use. If you have a dual-stack machine (Linux can, and there's a MS IPv6 stack available for 'doze) you can set up a VPN into various IPv6 networks. Can't remember the URL, but I know there's one from BT. If people start using / attacking these networks now, then perhaps the problems will be fixed before IPv6 and 3G become mainstream...
Re:It's only gonna get worse (Score:1)
Re:It's only gonna get worse (Score:1)
>address, so if you can spoof someone's address (and
>probably circumvent a whole load of encryption and
>authentication) you can probably end up with free
>phone calls.
Billing is NOT done on source IP adress in a 3G network.
Billing is done on your subsciption identity that is stored on a SIM (Subscriber Identity Module, a smart card in the phone).
/Thomas
Re:It's only gonna get worse (Score:2, Interesting)
Actually, yes you would be charged. It's not the IP-address per se that the network looks as in a 3G network to decide who sent (or received) how many bytes to whom (or was active for a certain period of time, 3G allows both), but the tunnel ID.
You see, all end user traffic in a 3G core network (which does the charging part) is tunnled over a protocol called GTP, each user (i.e. active PDP-context of each user and QoS level) has it's own tunnel. The network never really looks at the end user traffic, it just switches tunnels. So in effect, changing your IP address would only prevent your IP stack at the mobile/laptop from accepting the packets, not the network from actually delivering and charging you for them. (Assuming PDP-type-IP).
This is the way it must work if the operator is to be able to correctly isolate corporate customers, without any overlap with other customers. Corporates, that is that may use private addresses and NAT to connect to the Internet per se. So, in effect your phone may not be the only one in the network with that very IP address.
Now, IPv6 complicates matters some, but not much, the basic IPv4 3G infrastructure is still there.
If you want to know more about these matters, it's no longer a secret. All the 3G specs can be found at 3GPP [3gpp.org]. Start with the 23.060 specification, it's the overview. From there on you can dvelve deeper into the charging and the GTP specs, though they are not for the faint of heart (and heavy to carry around to).
Please mod up the parent post. (Score:1, Offtopic)
Someone please mod up the parent post.
Re:It's only gonna get worse (Score:1)
these networks use IPv6 as the transport for the call data Wrong. Networks can use IPv6, but do not need to. Most probably they will not initially. There is to much ATM out there. (Ever studied Voice over IP over ATM?)
Billing is likely to be based on your source IP addressBilling will not be based on your I address. Your IP address will have no meaning within the network. Spoofing the normal way is out of the question.
(and probably circumvent a whole load of encryption and authentication)
SkRiPt KiDdIeS will have easy access to all the 3G networks the moment they dial up to the internet
Those networks only transport data. If a use snailmail, my letter is able to control a mail distribution centre? (Bombs excluded)
Please check http://www.3gpp.org in case you want to know more.
Re:It's only gonna get worse (Score:3, Interesting)
Currently we don't use IPv6, Our phone IP space is nat'ed. But we don't even care about your IP, we bill on your IMSI which is programmed in your SIM Card. But yes, we have these neat sniffers that will show your phone from the (gb) base station link to the (gi) Internet connection. Nice real time ping pong charts that show your every move. Oh yes, and we have location based services, we know where you are. (For E911 etc..)
Interesting fact, most of us read
-
All comments are my own, not of my employer.
Re:It's only gonna get worse (Score:3, Insightful)
BTW, I have to make sure my patches are upto date, and do regular security audits. But im doing 2G/3G data, which is a little different from voice. Thou in the 3G voice/data world, its has more inter-dependices than 2g.
I work for a VoIP Telephony Company... (Score:5, Informative)
I helped build one of the world's largest VoIP companies & i know a few things about the telephony networks as a result. And from what i read in the article is mostly wrong.. You can't just interconnect with out a carrier knowing who you are, Even with ss7. You need to have work orders generated, physical connections involved.. even in VoIP you need set up CICs and point codes, testing of the connection..
Also if anything the decentralization of the telephone networks have made absolutely stronger as a reliable means of transport in times of failure now. It works on the same principle in effect as the internet. Where you can reach a destination via many differnt hops.
For example.. in the old days if you wanted to call London, your call went across AT&T and that was that. Now with 5-10 serious International carriers if even 3 or 4 of the carriers have a facility outage for whatever reason(rare as it is) they can re-route calls to alternate carries where as before they would not be able to do that.
What he seems to fail to mention is that with in 10-15 years traditional telephone networks will be thing of the past and phone service will be regulated to just being another service provided through one of a number of broadband pipes(fiber to your house, g3,g4,gwhatever wireless networks that come next) and the whole concept of a telco will change to the point where companies will server merely as giant switching operation and "enhanced services" with almost zero physical infrastructure, which will also result in the fast drop of telephone pricing as the infrastructure costs dramatically.
Some 7am blurred tired thoughts.. hope that was coherent enough.
Moron (Score:1)
Verrrrrrrrry OLD news... (Score:2)
and I used to work at MCI WorldCom, they were constantly fighting this...
Our vital telco infrastructure must be protected! (Score:2, Funny)
Re:Our vital telco infrastructure must be protecte (Score:1)
Okay but you gotta guard carrotTop and Mr. T as well...
Telco - typical (Score:1)
Their infrastructures have rarely been upgraded apart from by default, when old equipment goes obsolete, or in order to make more money with interoperability issues and by increasing international traffic.
That they now realise they have a security issue is no surprise really; they are running stuff which is often vendor configured anyway. They have no value to add - the voice conversation is just a voice conversation. They just want you to stay for more and more minutes.
Some have imaginatively added Caller ID, Voicemail, etc, but all with the interest of more minutes (you call back, you reply to calls even when you wouldn't usually because you can see who's calling, etc) rather than making a better network.
Most Telcos have a monopoly on a geographical area anyway, the small fry always get eaten up. Better quality, higher speed dialup etc all come way after the technology has been available.
The problem of course is that user choice is always limited; the Internet is democratic because you can choose your OS and run what you want, taking your own security. But the phone network you can do nothing about, you have to lump it and pay high rates because regulators tend, alarmingly, to protect the Telco way more than the consumer.
Hopefully someone will make a big attack and wake them up. Not unlike Bin Laden. Whatever the morals of the story, the violence, the cause he was fighting for, one positive thing to come out of the tragedy was the shift in psychology of the average Amercian, who has been forced to soul-search and reach out internationally to understand why some people hate America so much. The Telcos need to understand why the consumers hate them so much.
I cannot think of one state where Telcos run losses on voice calls on fixed networks; GSM and 3G is a whole different ball game which should be taken apart from landline fixed telephony.
there's not a vulnerability (Score:3, Insightful)
Think about it: how often has your phone went out? And when it has, how often was your neighboor's phone out also? Remember, the phone system keeps working even when the power is out.
The physical infrastructure is the most important layer. Everything else can be fixed relatively quickly in the event of an attack (DOS). Its trival to sever a carrier from your network, but its a major undertaking to replace physical infrastructure. As long as that is redundant, and relatively secure, your phones aren't going to stop working any time soon.
Re:there's not a vulnerability (Score:1)
When the 9/11 attacks happened in NY, Verizon's central office near the tower was damaged.
It still kept working for about 12 hours (not the 2 days you claim) on generator power, etc, before finally giving way.
It took about a month until I got my DSL back, even though I'm miles from Manhattan! It turned out that Verizon's lines weren't nearly as redundant as they thought.
Bellsouth for Example (Score:1, Insightful)
Somone overseas wants to knock our %99.9 of our communication. Lets say.. Russia, or Pakistan. All they would have to do is either cut the phiber backbones, or D.D.o.S the HELL out of the switches, or routers that ran the voice, or IP circutes. It isn't that complicated, provided you have the bandwidth. If one Bell company, like Bellsouth was affected, then ALL the states under that region would fall under this attack, and every phone would be out.
The amount of bandwidth you would need would almost be ludacris, probably up around in the GB range if you had enough machines taken over. Bellsouth's main backbone is slightly over 12gigabits from what I understand. (I heard this somewhere).
It would not take much of a blow to knock out SWBell, or Bell$outh. Remember the M$ attack? The one where the guy aimed his tools at their routers? That was a full blown good, thought out, and planned attack. Lets apply the same to the Bells. More people would be affected. If all 4 baby Hells were brought to their knees, then maybe our senators would think twice before giving these idiots total control, and pass more laws in favor of joe user/admin/ISP. Why would they reconsider? Because they couln't call Hollywood and ask for their paycheck, so THEN they would get pissed.
Why you're clueless. (Score:5, Insightful)
You can't simply packet an ESS out of existence, because it doesn't know what a packet is. It's not connected to the internet. There are SS7 signaling links and X.25 control links, and maybe a few IP control links if you're lucky. None of them are connected to the internet. Your phone line is payload, not control.
Exactly how do you propose to access the switch in order to DoS it? There are switch dialins, but most are pretty secure, and good luck finding them. You're planning to do a lot of wardialing first?
Point 2: Telcos lie about bandwidth. When someone says they have a 10 Gigabit backbone, it means they own a couple OC192 circuits. Most of the channels in those circuits are probably not filled.
That's like saying I can move a thousand shipping containers a day, because there's a large river between me and my destination, and seaports at each end. Nevermind that I don't own any ships!
An OC192 circuit, for instance, can carry four OC48 signals, or 16 OC12 signals, or a mix thereof. Anything that adds up to 192 STS-1 payload envelopes, or equivalent concatenated payloads. You get the idea. Chances are, they're carrying one or two OC48s on the thing, and the rest is for future expansion. Each of those OC48s in turn is probably only 70% full.
Reality check (Score:1, Interesting)
[I type this as I latch-up the console on a local ADM and hop around a ring which has a couple of SLICs and a cosmos console on it]
Switches, Packets, and Script Kiddies, Oh My! (Score:3, Informative)
Simple fact - 99.9% of basic wired telco infrastructure is completely IP "unaware". In other words, no IP address, doesn't have a clue what TCP/IP is, nor does it care. Granted, the new wireless technologies are more/heavily IP based, but that's a different matter - wireless services always have been, and likely always will be many orders of magnitude more vulnerable to abuse/attack purely because of the uncontrolled nature of the transmission medium (without wires, hence wireless). But I digress...
Of the equipment that does have an IP address, 99.9% of it is privately addresses or firewalled or simply not physically or logically connected to another network.
The only way to "DoS" a switch is to use up the DS0's on it's switching backplane (or whatever, the terminology varies). Even on a tiny switch (5ESS VCDX, etc), this can be multiple hundreds of simultaneous calls.
Then what happens you ask? Simple really, no dial tone to the customer. Your phone doesn't explode, melt down, or otherwise. Nor does the switch "crash". Would it be easily detectable? Without doubt. Would the phone company know where it was coming from or what was causing it? Sure they would.
And, to add to this, most people don't have the slightest clue that dedicated nailed-up circuits (such as PtP T1's) never see a switch. That data is split/multiplexed out of the fiber and handled independantly of switched data. It can't be "jumped" onto another circuit, or have some "magic packet" sent to it to allow it to then connect itself to another circuit or timeslot. Hence the term "nailed-up". Even frame relay is external to the switched voice network for the most part.
What is quite possibly vulnerable is the internal IP (ie computer) network of a particular phone company, or possibly dialup administration modems connected to craft interfaces on various bits of telco gear. But cracking a single telco or exchange and using it as the source of a massive nationwide DoS attack on other carriers isn't going to happen anytime soon.
What's far more likely is a very low-tech attack on the physical infrastructure. Even with redundant facility (logical, physical, and route), there always comes a point in a network that a single "failure point" can bite you. It only depends on how fine-grained your idea of "single point" is.
As far as DoS'ing a "router", how exactly is that different than what happens to routers now? Happens all the time now, so what else is new?
Re:Switches, Packets, and Script Kiddies, Oh My! (Score:1, Insightful)
Agreed 100%. I'm a former telco engineer now in the ISP world. It's funny to see how many Slashdot groupies and script kiddies think the telco infrastructure is going to crumble tommorrow to IP. I agree completely that the old one trunk, one call paradigm has a limited lifespan, but the IP world is built on a very weak foundation. ISPs and the IP networking world in general have a lot to learn about building mission-critical systems, testing, and offering services that actually work. (Case in point, how many telco switches crashed on 9/11 versus websites and ISP infrastructure ?)
As for the SS7 security posts, SS7 is no more venerable than BGP, and it operates on basically the same priniciple as trusting your neighbor.
The IP world is basically one big cluster f*ck that somehow works. The telcos are big, clumsy, and slow to implement new technology, but they're that way for a reason. God help us when your telephone service depends on cron jobs and BIND.
Time for some change (Score:2)
Re:Time for some change (Score:1)
Re:Time for some change (Score:3, Insightful)
Today, we can choose from a bewildering array of "services", most of which we don't need, that appear to have a lower unit price but which after fees, surcharges, fees on fees, fees on surcharges, and opportunity costs of fighting through your bill (we have a full-time person doing that now) generally turn out to be more expensive than they were in 1970. And we receive these services from organizations which are not only just as arrogant as the Bell companies of 1970, but which often don't even bother to answer their phones and which can't find a person to fix your problem even when they do bother to answer. And which also tend to disappear overnight, taking your wonderful "services" with them.
And, of course, the old Bell companies are still there (dealt with Verizon lately?), as arrogant and as profitable as ever.
Now what was that "progress" you mentioned?
sPh
this was old news in 1992 (Score:1)
Really though... (Score:3, Interesting)
I used to work for a very large telecomm company and part of my job was to write software which helped to design networks for some of the largest companies in the US. I throw out the name AOL not because I worked on their network, but because they were one of the mid-sized networks, not the "big ones".
My points are these.
1.) It is very easy to get a map of ALL the major telecomm switching locations and backup generators.
2.) Security is pretty lax, so most dedicated hackers and any mailroom worker could get the information.
3.) Most POP locations are not even manned, much less guarded. A half-dozen backhoes and some cell phones would be enough to coordinate the destruction of about 90% of our telecomm system.
4.) The weak point of every single network is the location of the equipment, not the pipe itself. Some people may argue that there is backup equipment. BS. There is NO backup equipment to replace those locations. The demand to keep up with new technology (DWDM, WLCS, and other cramming technologies) always exceeds the networks' staff, time, and budget. If the equipment was taken out in even a small percentage of the major backbone locations the entire network would fail, and it would be down for a very long time.
Re:Really though... (Score:2)
I used to work designing data networks for the New York Stock Exchange and associated companies, brokerages, etc... One of the biggest problems was that almost all of our telco services were provided out of one or two buildings. One of those buildings was the West St. CO which was heavily damaged during the 9/11 attack was one of the primary reason the stock exchange had to close for several days.
The only way to avoid this CO was to build our own telco infrastructure. We had to buy (not lease) 250 pair of fiber in a large ring around NYC to avoid the West St. CO. We looked at leasing the fiber but all the companies wanted to run the connection into West St.
We then used point to point microwave link to backup key portions of the fiber ring.
It turned out that all this still wasn't enough. One network connected to the Internet via a single major ISP via multiple POP (from multiple data centers around NYC) and no two connections were supposed to have any common physical circuits. We even paid extra for this, but the had all circuit running through the West St. CO. From the IP layer and Circuit IDs it looked like everything was ok, but the telco didn't maintain physical diversity.
Re:Really though... (Score:2)
Seen it too many times.
Re:Really though... (Score:2)
Re:DOS'es already occur... (Score:1)
I work for a Telco (Score:1, Informative)
What bothers me is the future of telephony. Our switches (5ESS, DMS-100, ESWD) are approaching end of life and will eventually(5 years) be replaced by soft switches, media gateways, gateway controllers and likes of VoIP, RTP, SIP, H.323, etc. The signaling will be not only within the CO but also to the end station. This will be a security architecture nightmare......Just my $.02
I work for a Telco (Score:1, Informative)
12B?! (Score:3, Insightful)
Maybe I would feel a little more compasionate for these companies were it not for the *many* times they have ripped me off, over charged me, pretended to offer a special deal that they would only uphold if you called them up and complained about not getting what you were promised.
I say screw the phone co's and all other companies that have similar slimy practices. Good for those that have ripped them off for 12B. VOIP anyone... there are still companies out there that, even though have shitty executives, (www.quicknet.net) are offering voip services at affordable rates.
There's a lot more to that story... (Score:3, Informative)
This guy [antiwar.com] has been following that story since it first hit, and if you follow all the links in that article you'll find out a lot more than might be good for your sanity.
It's not one Israeli company, but two, Amdocs Ltd. and Comverse Infosys. Between the two of them they don't just handle all the billing but also play crucial roles in law enforcement wiretaps. The amount of damage some random joe can do with a good exploit is really pretty minor compared to the damage that can result when crucial infrastructure is under control of a foreign government - even if it's a government which is usually an ally.