The problem is that if the telephone system becomes based on the Internet, there will be catastrophic security breaches in our telephone system.
This is because every node on the internet can have packets directed at it by any other node. That's the whole point of end-to-end. But that means any joker with a PC can log in to his ISP and start up h4x0r scr1pt5 to start cracking phone switches.
With the current phone system, control signaling is out of band - end users can only control the phones at each end of the connection, and cannot control the functioning of the switches in between. You can command the switches by dialing a number, but you can only route your call this way, not control the basic functioning of the switch.
To a large extent security can be maintained by keeping the telco equipment in securely locked buildings.
But the protocols used for the phone system apparently aren't designed with security in mind, so that when they are adapted to the Internet, they become gaping security holes.
Potentially someone could do some clever work and bring down a whole nation's phone system, if it were on the Internet.
The convergence of the telephone system and the Internet has already been going on for a while. It is quite common for long-distance calls to be routed over the Internet, so you get phone-to-phone VOIP without the user being aware of it.
It is also common for telcos to be ISPs, and they just use the same fiber for voice and data. It's more economical to use the same data formats and protocols for voice as well as data, so they transmit all the voice calls with the Internet Protocol.
IIRC, this was done some time ago with the current telephone network. Something to do with convincing one exchange that it had a fault, and that took down all of the surrounding exchanges.
It wasn't an attack, it was a bug. In brief, there was part of the initialization code that wasn't properly multithreaded, and it caused cascading failures. It wasn't a problem as long as only one switch in a 'neighborhood' was re-initializing, but once it got started, more switches connected to the original set would hit the same problem and re-initialize too and things just kept getting worse.
The nature of the problem was that all the switches were running the same or very close versions of the software, and they all had the same bug. It's a good thing MS isn't making much headway in the server, firewall and router spaces, or we would have lots of problems like this one already. (ok, it's a lame joke really, but not too hard to imagine a real scenario)
Section 5 of Part 1 of Bruce Sterling's The Hacker Crackdown [lysator.liu.se]. None of this was done from the outside. AT&T only wanted people to think it did. What happened was the complete result of programming failure.
Bruce describes the problem thusly: "Within the C software was a long "do... while" construct. The "do... while" construct contained a "switch" statement. The "switch" statement contained an "if" clause. The "if" clause contained a "break." The "break" was supposed to "break" the "if" clause. Instead, the "break" broke the "switch" statement."
The upshot was this: the new System 7 software provided a safety net in case a switch had issues. It would rid itself of all calls, then reboot itself, and when it came back online, it would send out an "OK" signal. The problem was, the "OK" signal would cause all the switches on the net to bookkeep the fact that the other switch was back online. While bookkeeping, the flaw arose: If two calls came in at almost exactly the same time while in bookkeeping mode, the data would get garbled due to the glitch. Then the switch would drop all calls, reboot itself, and then send out an "OK" signal to all the other switches. See the problem forming? A cascade of ups, downs, and "OK" signals floods within ten minutes, and nightmare scenario occurs.
Remember this, it was not a hack. It was simply poor programming.
Dial up modems can have a huge amount of security (dial back and wierd tones pairs come to mind.. hey we use both here!) I can make a dial up system that will keep out any cracker that has even good skills. and this isn't even the computer asking for the password... they cant even get past the modem it's self unless they social engineer enough information to hijack the phone numbers the modem automatically dials-back to. (Only 3 of them.) and then the cracker needs to modify his modem to use a different set of signalling tones.. either by hardware hacking or by social engineering me directly.
or the cracker can tap our private t1's and fiber connections to try and break in...
but only an idiot would put a critical or important system on the internet.... the worries in the parent post are unfounded unless the telcos are staffed with idiots for engineers.
Well having many a Telco engineer work for me they are on average not the britest bunch they love technology they are comfertable with (ATM that bloated POS) now at the same time they distrust IP networks to no end the local telco has enough firewalls it's a big onion of layers unfortunatly they dont understand how to lock them down they only serve to stop the simple things and make it hard on users.
Bailing out telcos dosent make much sence the copper dosent go away somebody generaly buys up the contracts and the wire serving an existing install generaly is profitable it's getting those installs in there (and how many telcos were offering free hookups for a 20 year contract to dot coms I know a few did to the ones I was involved with)
Just because the phone system uses cheaper off the shelf routers and the TCP/IP protocol does NOT mean it will be particularly vulnerable to hacking. You are confusing the successful efforts of script kiddies to hack cheaply set up servers running commercial OSes with an entirely different problem. These routers, which are rarely hacked, use flash firmware and a standard hardware configuration. They are usually not remotely reprogrammable, and use extremely stable code that is short on features, long on reliability (the opposite of commercial OSes). Hacks of these backbone beats are EXTREMELY RARE...most failures are due to operator error.
No, I don't work for CISCO or the other companies, just explaing what they sell and why it works.
Who says these routers will be part of the internet, anyway. Its doubtful you'd be able to send packets to one. Hacking REAL SYSTEMS is a lot more difficult than the ignorant public believes it to be, in fact I'd say many true embedded systems cannot be hacked. (if you can't reprogram it because it has no writable memory, how exactly are you going to subvert it?)
"Be there. Aloha."
-- Steve McGarret, _Hawaii Five-Oh_
Security of Internet-based phone system (Score:5, Insightful)
-
Phone hacking, the next generation [counterpane.com]
The problem is that if the telephone system becomes based on the Internet, there will be catastrophic security breaches in our telephone system.This is because every node on the internet can have packets directed at it by any other node. That's the whole point of end-to-end. But that means any joker with a PC can log in to his ISP and start up h4x0r scr1pt5 to start cracking phone switches.
With the current phone system, control signaling is out of band - end users can only control the phones at each end of the connection, and cannot control the functioning of the switches in between. You can command the switches by dialing a number, but you can only route your call this way, not control the basic functioning of the switch.
To a large extent security can be maintained by keeping the telco equipment in securely locked buildings.
But the protocols used for the phone system apparently aren't designed with security in mind, so that when they are adapted to the Internet, they become gaping security holes.
Potentially someone could do some clever work and bring down a whole nation's phone system, if it were on the Internet.
The convergence of the telephone system and the Internet has already been going on for a while. It is quite common for long-distance calls to be routed over the Internet, so you get phone-to-phone VOIP without the user being aware of it.
It is also common for telcos to be ISPs, and they just use the same fiber for voice and data. It's more economical to use the same data formats and protocols for voice as well as data, so they transmit all the voice calls with the Internet Protocol.
Re:Security of Internet-based phone system (Score:1)
Telco crash (Historical) (Score:2)
The nature of the problem was that all the switches were running the same or very close versions of the software, and they all had the same bug. It's a good thing MS isn't making much headway in the server, firewall and router spaces, or we would have lots of problems like this one already. (ok, it's a lame joke really, but not too hard to imagine a real scenario)
Taking down exchanges internally. (Score:1)
Bruce describes the problem thusly: "Within the C software was a long "do... while" construct. The "do... while" construct contained a "switch" statement. The "switch" statement contained an "if" clause. The "if" clause contained a "break." The "break" was supposed to "break" the "if" clause. Instead, the "break" broke the "switch" statement."
The upshot was this: the new System 7 software provided a safety net in case a switch had issues. It would rid itself of all calls, then reboot itself, and when it came back online, it would send out an "OK" signal. The problem was, the "OK" signal would cause all the switches on the net to bookkeep the fact that the other switch was back online. While bookkeeping, the flaw arose: If two calls came in at almost exactly the same time while in bookkeeping mode, the data would get garbled due to the glitch. Then the switch would drop all calls, reboot itself, and then send out an "OK" signal to all the other switches. See the problem forming? A cascade of ups, downs, and "OK" signals floods within ten minutes, and nightmare scenario occurs.
Remember this, it was not a hack. It was simply poor programming.
Re:Security of Internet-based phone system (Score:3, Interesting)
Dial up modems can have a huge amount of security (dial back and wierd tones pairs come to mind.. hey we use both here!) I can make a dial up system that will keep out any cracker that has even good skills. and this isn't even the computer asking for the password... they cant even get past the modem it's self unless they social engineer enough information to hijack the phone numbers the modem automatically dials-back to. (Only 3 of them.) and then the cracker needs to modify his modem to use a different set of signalling tones.. either by hardware hacking or by social engineering me directly.
or the cracker can tap our private t1's and fiber connections to try and break in...
but only an idiot would put a critical or important system on the internet.... the worries in the parent post are unfounded unless the telcos are staffed with idiots for engineers.
Re:Security of Internet-based phone system (Score:1)
Bailing out telcos dosent make much sence the copper dosent go away somebody generaly buys up the contracts and the wire serving an existing install generaly is profitable it's getting those installs in there (and how many telcos were offering free hookups for a 20 year contract to dot coms I know a few did to the ones I was involved with)
Re:Security of Internet-based phone system (Score:2)
These are only secure if you trust the security of the telephone network. Why do you trust the security of your network to unknown third parties?
Re:Security of Internet-based phone system (Score:3, Informative)
No, I don't work for CISCO or the other companies, just explaing what they sell and why it works.
Who says these routers will be part of the internet, anyway. Its doubtful you'd be able to send packets to one. Hacking REAL SYSTEMS is a lot more difficult than the ignorant public believes it to be, in fact I'd say many true embedded systems cannot be hacked. (if you can't reprogram it because it has no writable memory, how exactly are you going to subvert it?)