British Telecom, who still — despite two decades of privatisation and de-monopolisation — own somewhere north of 80% of the British fixed land-line telephone market, is to unroll the first stage of its IP-dialtone project in Cardiff, real soon now. Note for American readers: Cardiff, in Wales, is routinely menaced by Dr Who's enemies. Nobody quite knows why. Now it's being menaced by British Telecom, and where's the Doctor when you need him?
BT's 21s Century Network program sounds like a good idea, on the face of it. It replaces the entire digital trunked infrastructure with a packet-switched one, in which the entire phone network runs over TCP/IP — the same internet protocols you're getting this web session over. Presumably this allows BT to tie into Voice over IP networks directly, and the business of giving you an audible dialtone and a voice when you lift your telephone receiver is down to a small box of tricks at the end of the local loop. The local loop is that bit of copper wire that links you to the phone exchange down the road — the last half mile.
However. In an effort to hasten the demise of the old state monopoly, some years ago the British government mandated a process called "local loop unbundling". What this means is, basically, other telcos are allowed to stick bits of equipment in BTs exchange in order to hook into your local loop. That way, BTs prior monopoly on the local loop — which locked out any competitor who couldn't spend the necessary billions to dig up every road in the UK and install a new, parallel, local loop — vanished.
It occurs to me that the combination of local loop unbundling and IP-dialtone means that anyone who can pony up the readies to apply for a telco license (and that means just about any small-to-middling internet service provider — those 0845 flat-rate modem dialup numbers that feed cash to the ISPs via the interconnect service fee work because they're legally telcos and pay a lot less than the flat fee for access to your local loop) can stick an IP router into the telephone exchange and, er, sniff packets.
Running a business or large enterprise that uses the public telephone service? Worried about the confidentiality of your phone calls? Some other organization with a telco license could well be promiscuously logging all your traffic to a hard disk somewhere. Better still, there are fun things you can do with a corrupt DNS server on the local network that just don't bear thinking about (although I am thinking about them, starting with "man in the middle attack" — it doesn't matter how secure the crypto on your voice stream or house VPN is, if it's not going where you think it's going and the computer at the other end isn't the computer you think it is).
What 21CN means for the citizens of Cardiff is that large-scale bugging at the exchange level suddenly becomes practical for organizations other than the spooks at GCHQ and NSA. Hell, I wonder if Cardiff County Council realize they could be being bugged? More to the point, I wonder if the good burghers of Cardiff realize that all their telephone banking calls are about to be 0wn3d?
Paging the Doctor ...
Imagine a hunt for customer data.
Who do you phone? At what time of day? How long are you on the phone?
Add in computer/telephone connections. Do you use encryption? What type of encryption do you use? Who is your server?
The possibilities are endless. Especially if you have a computer hunting for key words.
What are the people talking about today? Who needs polls?
Surely such a packet-sniffer would only be practical for unswitched networks?
... hm, no, ARP spoofing would allow an attacker on a switched network to sniff at least some packets from calls to or from targets (although network bandwidth constraints would presumably prevent it from doing this on a very wide scale).
This is a local net, after all: ARP spoofing is every bit as worrisome as is DNS spoofing...
... time for ARPSEC? ;)
Since I've just phoned the council to pay my council tax, and handed over all the information needed to rip off my card, I do wonder if people will record such conversations, or else really sneaky though possibly not so profitable would be to fool the system into routing calls to paymen tlines to your operators, who will then impersonate the real ones. Meaning you have their full card details, (including the pointless 3 digit security number) and their address, and can then go on a buying spree.
Your comments about crypto are slightly incorrect. If your connection / VoIP / VPN is encrypted (and hopefully has integrity checks) only then a man in the middle attack could be made to work. That's why there is a branch of cryptography and computer security that deals with authentication. For examples look up SecSH/SSH, OpenVPN and GPG.
The move to IP based phone systems is pretty much unavoidable, and I suspect it should be possible to set up LLU kit without causing security problems. However given the ability of large companies to screw things up I think your suspicions are justified.
I reckon a lot will depend on how the physical local loop is connected to exchange hardware. I don't think things need an engineer with a screwdriver, but I can't see how you can avoid passing through BT-controlled switching without using a distinct physical connection.
Not that it need be difficult to subvert that, but having BT controls who might listen isn't so different from what's always been happening. I recall suggesting that, with digital exchanges and trunk lines, there was nothing to stop a Fidonet node on the Little Snodbury exchange being physically at GCHQ.
I'm not so much worried about BT controls listening in as about who might be listening in on them.
How much does it cost to set yourself up as an ISP/telco? Petty change to the Chinese or Iranian intelligence services, I'll hazard.
Er, just to be clear, most secure protocols (e.g., SSL, ssh, etc) are actually designed with MITM attacks in mind. They may not actually be proof against them, but certainly in principle they should be.
No, your main worry is that most VoIP calls aren't encrypted, and those can indeed be snooped at the CO. Of course, they could always plant a bug on your analog loop as well, if they had access to the CO.
Crypto doesn't begin to solve the potential for technosocial problems.
I'm trying to picture the average house-holder trying to fathom what to do for the VOIP equivalent of the SSH "WARNING: the host key of the server you are connecting to has changed..." message. Will s/he:
If you allow a slight mod to the telephone handset that people use, I can just see the business telephone call of the near future
"Good morning, this is cardiff city payment office" "Please switch to protected voice communication by entering your 12 digit PIN into this handset in 5,4,3,2,1...."
It's good thing that all the criminals are too busy defrauding the UK government using the missing trade VAT scam (around 2 billion, last year). Rip off the people with the big money, I think that Mrs Jones of Gwent might be safe for a little while yet.
However, The Iranians (and others) might well be interested in places near by. Hereford [SAS] and Cheltanham [CGCHQ]. Listen into local calls, might find a blackmail target or two........
Actually, in order for public key encryption to get around the problem Charlie's concerned about, the only connection that needs to be secured is the one between the customer and BT - there is no need here for end-to-end ID verification. So if you can get a valid key for BT, then your connection through to BT is encrypted, and as long as you trust BT not to eavesdrop, you're okay.
As far as private key distribution goes, though, you're absolutely right. If you want to be absolutely sure you are talking to Alice and that Bob isn't listening, you need to have Alice's public key, and you need to establish your shared secret using her private key, and she needs to do the same. Joe Average may never learn to do this.
However, generally speaking geeks tend to underestimate Joe Average. Joe isn't as dumb as he seems - he's just not a geek, and frankly doesn't care about geek stuff. If he had a reason to check the key, he'd do it.
Witness the growing currency of discussion on the topic of identity theft, something that was really only ever discussed on comp.risks until the last year or two, despite being a serious concern. Why the change? It's more common. Joe cares now - ignorance is no longer bliss.
I don't believe, from what I've read, that this will be how it works.
The copper wire will still terminate with at the exchange at an "MSAN" which will then connect you to the 21CN network. Should you be using LLU then you'll instead be connected to the network of your alternative supplier.
There are some nice diagrams here: http://www.btplc.com/21CN/Thetechnologyofthenetwork/Callpathsacross21CN/Callpathsacross21CN.htm
In short, "nah". LLU involves physically reconnecting wires to a DSLAM owned by the third-party operator and colocated with the BT local exchange.
If you're worried, I'd a) encrypt your traffic - if it's encrypted going out over the wires it don't matter whether they are listening to the copper loop, the backhaul private IP or the open IP backbone, or the other party - and b) transfer your worries to IMS.
Now that's some sick telco shit:-0
why does my phone only ring once! Bt says its to do with looping! and they my line is okay.
what next
Dear Charlie,
Cardiff is always menaced by the baddies because they're attracted by the energy rift the Gelth opened up there in the third episode of Series 1.
Durr.
just wondering if a cell phone is close to another cell phone--without me knowing it, and that persons cell phone, i can hear myself repeat what i just said on their cellphone? does this mean i was being spyed on by someone too close to me on my property?