Return-Path: Received: by massis.lcs.mit.edu (8.7.4/NSCS-1.0S) id JAA22915; Fri, 21 Mar 1997 09:09:03 -0500 (EST) Date: Fri, 21 Mar 1997 09:09:03 -0500 (EST) From: ptownson@massis.lcs.mit.edu (TELECOM Digest Editor) Message-Id: <199703211409.JAA22915@massis.lcs.mit.edu> To: ptownson@massis.lcs.mit.edu Subject: TELECOM Digest V17 #72 TELECOM Digest Fri, 21 Mar 97 09:09:00 EST Volume 17 : Issue 72 Inside This Issue: Editor: Patrick A. Townson Cell Phone Code Cracked (Monty Solomon) Where to Find the XDSL Beta's and Active Installs (Ray Sarna) Book Review: "Cellular Digital Packet Data" by Sreetharan/Kumar (Rob Slade) Book Review: "Information Superhighways Revisited" by Egan (Rob Slade) Re: Who Will Rent Me a GSM SIM Card (Henry Baker) Re: Who Will Rent Me a GSM SIM Card (nilsphone@aol.com) TELECOM Digest is an electronic journal devoted mostly but not exclusively to telecommunications topics. It is circulated anywhere there is email, in addition to various telecom forums on a variety of public service systems and networks including Compuserve and America On Line. It is also gatewayed to Usenet where it appears as the moderated newsgroup 'comp.dcom.telecom'. Subscriptions are available to qualified organizations and individual readers. Write and tell us how you qualify: * ptownson@massis.lcs.mit.edu * The Digest is edited, published and compilation-copyrighted by Patrick Townson of Skokie, Illinois USA. You can reach us by postal mail, fax or phone at: Post Office Box 4621 Skokie, IL USA 60076 Phone: 847-329-0571 Fax: 847-329-0572 ** Article submission address: ptownson@massis.lcs.mit.edu Our archives are located at hyperarchive.lcs.mit.edu. The URL is: http://hyperarchive.lcs.mit.edu/telecom-archives They can also be accessed using anonymous ftp: ftp hyperarchive.lcs.mit.edu/telecom-archives/archives (or use our mirror site: ftp ftp.epix.net/pub/telecom-archives) A third method is the Telecom Email Information Service: Send a note to tel-archives@massis.lcs.mit.edu to receive a help file for using this method or write me and ask for a copy of the help file for the Telecom Archives. ************************************************************************* * TELECOM Digest is partially funded by a grant from the * * International Telecommunication Union (ITU) in Geneva, Switzerland * * under the aegis of its Telecom Information Exchange Services (TIES) * * project. Views expressed herein should not be construed as represent-* * ing views of the ITU. * ************************************************************************* Finally, the Digest is funded by gifts from generous readers such as yourself who provide funding in amounts deemed appropriate. Your help is important and appreciated. A suggested donation of twenty dollars per year per reader is considered appropriate. See our address above. All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization. ---------------------------------------------------------------------- Date: Fri, 21 Mar 1997 01:32:26 -0500 From: Monty Solomon Subject: Cell Phone Code Cracked Reply-To: monty@roscom.COM Begin forwarded message: Date: Thu, 20 Mar 1997 07:13:01 -0500 From: John Young Subject: Cell Phone Code Cracked For details of the crack see the cryptographers' press release at: http://www.counterpane.com/cmea.html The New York Times, March 20, 1997, pp. A1, D2. Code Set Up to Shield Privacy Of Cellular Calls Is Breached By John Markoff San Francisco, March 19 -- A team of well-known computer security experts will announce on Thursday that they have cracked a key part of the electronic code meant to protect the privacy of calls made with the new, digital generation of cellular telephones. The announcement, intended as a public warning, means that -- despite their greater potential for privacy protection -- the new cellular telephones, which transmit streams of digital information in code similar to computer data, may in practice be little more secure from eavesdropping than the analog cellular phones, which send voice as electronic patterns mimicking sound waves, that have been in use the last 15 years. It was such eavesdropping, for example, that caused trouble for Newt Gingrich when a Florida couple listened to his cellular phone conversation in December about the Congressional ethics inquiry. Now that digital wireless networks are coming into use around the nation, the breaking of the digital code by the team of two computer security consultants and a university researcher confirms fears about privacy that were raised five years ago when the communications industry agreed under Government pressure to adopt a watered-down privacy technology. Several telecommunications industry officials said the pressure came from the National Security Agency, which feared that stronger encryption technology might allow criminals or terrorists to conspire with impunity by cellular phones. But independent security experts now say that the code is easy enough to crack that anyone with sufficient technical skills could make and sell a monitoring device that would be as easy to use as a police scanner is. Such a device would enable a listener to scan hundreds of wireless channels to listen in randomly on any digital call within a radius ranging from 1,000 feet to a number of miles. Or, as with current cellular technology, if a specific person was the target of an eavesdropper, the device could be programmed to listen for any nearby digital call to that person's telephone number. Other possible transgressions would include using the device to automatically harvest all calling card or credit-card data transmitted with nearby digital wireless phones. And, because of a loophole in the Communications Act of 1934, making and selling such devices would not be illegal, though actually using one would technically be against the law. These monitoring devices are not yet available, but security experts said that a thriving gray market was certain to develop. And with technical details of the security system already circulating on the Internet instructions for cracking it will almost certainly make their way into the computer underground, where code breaking and eavesdropping are pursued for fun and profit. Technical details of the security system were supposed to be a closely guarded secret, known only to a tight circle of industry engineers. But the researchers performed their work based on technical documents that were leaked from within the communications industry and disseminated over the Internet late last year. "The industry design process is at fault," said David Wagner, a University of California at Berkeley researcher who was a member of the team that broke the code. "We can use this as a lesson, and save ourselves from more serious vulnerabilities in the future." Communications industry technical experts, made aware of the security flaw earlier this year, have been meeting to determine whether it is too late to improve the system's privacy protections. Already the digital technology is in use in metropolitan areas, including New York and Washington, where either the local cellular networks have been modified to support digital technology or where new so called wireless personal communications services are being offered. "We're already in the process of correcting this flaw," said Chris Carroll, an engineer at GTE Laboratories, who is chairman of the industry committee that oversees privacy standards for cellular phones. But Greg Rose, a software designer for the Qualcomm Inc. a leader in digital cellular systems said that fixing the flaw would be "a nightmare." Tightening the security system, Mr. Rose said, would involve modifying software already used in the computerized network switching equipment that routes wireless digital telephone calls, as well as the software within individual phones. Currently, about 45 million Americans have cellular phones, though most of them so far are based on an older analog standard that offers no communications privacy. But cellular companies are gradually converting their networks to the new digital standard, and the new personal communications services networks going into operation around the country also employ the digital encryption system. Nearly a million P.C.S. phones have been sold in the United States, according to cellular industry figures. Besides Mr. Wagner, the other researchers who cracked the code were Bruce Schneier and John Kelsey of Counterpane Systems, a Minneapolis consulting firm. Mr. Schneier is the author of a standard textbook on cryptography. The new digital wireless security system, which was designed by cellular telephone industry engineers was never intended to stop the most determined wiretappers. But because digital calls are transmitted in a format corresponding to the one's and zero's of computer language, they are more difficult to eavesdrop on than conventional analog calls, which are transmitted in electronic patterns. And digital calls protected with encryption technology -- basically a mathematical formula in the software that scrambles the signal -- would be all the harder for a third party to listen to surreptitiously. Because the encryption system that the industry adopted in 1992 was deliberately made less secure than many experts had recommended at the time, privacy rights advocates have been warning since that the code could be broken too easily. An announcement Thursday that the code has indeed been cracked would seem to bear out those concerns. "This should serve as a wake-up call," said James X. Dempsey, senior staff counsel for the Center for Democracy and Technology, a public interest group. "This shows that Government's effort to control encryption technology is now hindering the voice communications industry as well as the data and electronic communication realm." Industry executives acknowledged that steps must be taken to address the problem. "We need strict laws that say it is illegal to manufacture or to modify a device which is designed to perpetrate the illegal interception of P.C.S. telephone calls," said Thomas E. Wheeler, president of the Cellular Telephone Industry Association, a Washington-based trade group. Mr. Wheeler said the weaker privacy technology had been adopted not just to appease the Government but because makers of wireless communications hardware and software wanted to embrace a technical standard that would meet export regulations. Those rules, based on national security considerations, sharply curtail the potency of American-made encryption technology. The three computer researchers who broke the code belong to an informal group of technologists who believe strongly that powerful data-scrambling technologies are essential to protect individual privacy in the information age. These technologists, who planned to release their findings in a news release on Thursday, argue that the best way to insure that the strongest security codes are developed is to conduct the work in a public forum. And so they are sharply critical of the current industry standard setting process which has made a trade secret of the underlying mathematical formulas used to create the security codes. "Our work shows clearly why you don't do this behind closed doors," Mr. Schneier said. "I'm angry at the cell phone industry because when they changed to the new technology, they had a chance to protect privacy and they failed." Mr. Carroll, head of the industry's privacy committee, said it planned to revise the process for reviewing proposed technical standards. ------------------------------ From: lpuadm.nospam@leonardo.net (Ray Sarna) Subject: Where to Find the XDSL Beta's and Active Installs Date: Thu, 20 Mar 1997 17:04:30 GMT Organization: Leonardo Internet Hi. I'm searching for XDSL regional info. Can you please help by adding to the "public" info base by posting your answer to this very brief request? Where are the Beta tests? Where are the Active Installs? -- for XDSL. I'm aware of the Bell-Atlantic test (3 isp's including B-A, Clark.Net, CAIS.Net). It's 1.5 Mb down, 64 Kb up...at US $60-70/mo, everything included. The ADSL equipment is Westell. Their test is residential, primarily. Also in the Baltimore/Wn area is cicat.com, now offering 384 and 768 Kbs HDSL to their T-1 customers. Pricing wasn't shared with me. They're dedicated to ISDN, so might their customers want to switch en masse? UUNet is testing IDSL 128 Kb symmetric in the Bay Area, but I heard nothing about the users' results. Their pricing will be US $140+/mo, including ISP connect charges, plus I think the user needs to buy the equipment. Plz correct me if I'm wrong. The IDSL equipment is Ascend. Commercial focus. USWest will roll out both the IDSL and SHDSL. They're just about to install 2 beta tests, neither open to the general public. Their pricing for IDSL is undecided, but they're looking at the competitors to frame their entry pricing. The equipment will be Pair Gain. There's a chance they'll add a higher bandwidth XDSL later. Commercial focus. I've just learned of Ameritech's test in Wheaton, IL. It's a 6 mo test, providing symmetric 1.5 Mb on Alcatel equipment. IBM is the ISP. Here's what their website says: Q: How will ADSL services be priced? How will the prices compare with other high-speed access services like ISDN and cable modems. A: While rates have not been determined, any ADSL-based services Ameritech decides to offer will be priced to be extremely competitive with, if not less expensive than, cable modems. (This is damn smart, imho.) And, as to ultimate speeds, they say: A: While Ameritech is still evaluating the technology, we could offer ADSL from Ameritech's network to the customer at downstream speeds of between 768 kbps and 6 mbps, and upstream from the customer to Ameritech's network at speeds of between 160 kbps and 640 kbps. Global Internet Services (www.iglobal.net) offers from 64Kb to 2Mb with Netspeed equipment, near/in? Dallas, TX at stunning (imho...offputting and insulting) prices (If these don't invite serious ISP competition, I'll eat my hat): ADSL RATES Plus Tax THROUGH-PUT MONTHLY SETUP 64K Bits $199.95 $449.95 128K Bits 349.95 449.95 256K Bits 449.95 449.95 512K Bits 525.95 525.95 640K Bits 599.95 599.95 1M Bits 799.95 799.95 1.5M Bits 899.95 899.95 2M Bits 999.95 999.95 Netspeed Speed Runner Adapter with Router ** 1295.00 They give a 15% discount on the above schedule, if you ask, I think. There's a test at Northland Tel.Co. What are the spec's on that? There's a "test"? at Sask Tel. What are the spec's on that? I was told, "they were trying 6 mbit/sec downstream. Not sure on upstream." Their website is useless, imho. Nothing there but a sea of text without logic, and last updated news March, 1996! I guess they're not on the internet yet. ;-) CADvision is now delivering 2 Mb downstream, 1 Mb upstream. They have a time cap of 40 hours a week. Plans are to have the entire city of Calgary available for service by end of May. That's Paradyne equipment, with capacity to send 2.+ down and 1.0 up. Stampeding ahead of the crowd?? ;-) They're to be congratulated on their aggressive pricing and service provisioning. From www.cadvision.com: pricing for CADVision 2000k dialup in CA Dollars, obviously, is as follows: Deposit Fee for Modem: Waived if you are a CADVision dialup customer Setup: $99 (includes ethernet card) Pay one Annual Fee: $349 (equals $29 per month, includes modem) Pay by Month: $39 (one year contract, includes modem, requires VISA#) Current Customer Credit: Up to half of monthly or annual fee If you pay upfront for one year, the cost for 2000k dialup is $29/month. If you choose the monthly payment plan, the cost is $39/month. From the cadvision website: Date March 17...from www.cadvision.com FEEDBACK FROM USERS Many of our customers have asked for references for the CADVision 2000k. We have received many positive responses from the customers who now use 2000k. With their permission, we have published their comments in this newsletter: "The significance of high speed ADSL service in Calgary cannot be overestimated: CADVision's foresight in offering this service at such an astonishingly low price means true business applications via the Internet are finally available to any organization with a PC computer." "The advent of CADVision's inexpensive ADSL service has essentially changed the way we do business on the Internet. For the first time, our smaller clients are able to effectively move their corporate processes between themselves, their clients, and their suppliers throughout the Internet as though they owned their own private Wide Area Network. This represents nothing less than a revolution in business technology, and is a sure sign the Internet has finally matured into the essential business tool long predicted." Telus is the Alberta Province-wide telco, and I've been told, "they are very slow to offer new service, and they charge way too much." No other details; nothing on their website, other than they're the 3rd largest telco in CA. Big Deal! That was yesterday. Where's the info on the xdsl program? Up in CA, BCTel's entry into ADSL will roll out this summer. It's the non-commercial standard, 1.5 down and 64 K up. From their webpage, their description of their offering is "a high-speed (1.5 megabits per second) downstream channel, a medium-speed (64 kilobits per second) upstream channel..." If 64 Kbs is "medium-speed" up there, I'm looking forward to Cadvision helping them redefine that ridiculous observation. They'll want CA $75/mo plus monthly rental on their $1000 router. What else is happening in CA? Any others up there in refrigerator-land? Any news on EU? Asia? We're searching for first tier telco's and independent ISP's who will soon or do now offer XDSL. Please, *please* post one or two you know of. Postings to comp.dcom.xdsl can be seen by all of us. I'll welcome private messages if you've complaints you'd like not to tell the world. TIA, Ray "Gaudia" Sarna ------------------------------ Date: Thu, 20 Mar 1997 10:56:58 EST From: Rob Slade Subject: Book Review: "Cellular Digital Packet Data" by Sreetharan/Kumar BKCDPD.RVW 961119 "Cellular Digital Packet Data", Muthuthamby Sreetharan/Rajiv Kumar, 1996, 0-89006-709-0, U$89.00 %A Muthuthamby Sreetharan %A Rajiv Kumar %C 685 Canton St., Norwood, MA 02062 %D 1996 %G 0-89006-709-0 %I Artech House/Horizon %O U$89.00 617-769-9750 800-225-9977 fax: 617-769-6334 artech@world.std.com %P 315 %S Mobile Communications Series %T "Cellular Digital Packet Data" It's strange that the AMPS (Advanced Mobile Phone System or Analog Mobile Phone System; what everyone knows as cell phones) network had been around for a dozen years before the idea for cellular digital packet data (CDPD) was patented. I guess everyone had been waiting for the other guys to come up with a full scale digital cellular network. CDPD is *not* digital cellular, but rather the use of the analog net for the transfer of digital data in a more efficient manner than simply hooking a modem to a cell phone. Chapter two of the book looks at, and compares, the whole range of digital cellular, PCS (Personal Communication Services), and satellite networks. I hope the good folks at Artech won't be offended, but while their titles are undoubtedly important, they tend to be, well, boring. Sreetharan and Kumar are to be commended for ensuring that, while they never sacrifice accuracy or necessary technical detail, the book is not only readable, but quite fascinating in places. It is heavy, and occasionally acronyms are used before they are defined. The bulk of the book contains detailed descriptions of the architecture, physical layer (airlink), link layer, subnetwork protocols, radio resource management, mobility factors, network management, and deployment. copyright Robert M. Slade, 1996 BKCDPD.RVW 961119 ====================== DECUS Canada Communications, Desktop, Education and Security group newsletters Editor and/or reviewer ROBERTS@decus.ca rslade@vanisl.decus.ca BCVAXLUG Envoy http://www.decus.ca/www/lugs/bcvaxlug.html ------------------------------ Date: Thu, 20 Mar 1997 10:59:22 EST From: Rob Slade Subject: Book Review: "Information Superhighways Revisited" by Egan BKISREOM.RVW 961119 "Information Superhighways Revisited", Bruce L. Egan, 1996, 0-89006-903-4, U$69.00 %A Bruce L. Egan %C 685 Canton St., Norwood, MA 02062 %D 1996 %G 0-89006-903-4 %I Artech House/Horizon %O U$69.00 617-769-9750 800-225-9977 fax: 617-769-6334 artech@world.std.com %P 368 %T "Information Superhighways Revisited: The Economics of Multimedia" After the rash of recent "blue sky" offerings about the informmercial supercliche, it is nice to see a thoroughly informed and realistically analytical book about high bandwidth networks. This work is still tied closely to US regulations and their proposed (or should it be "promised") National Information Infrastructure, but it is possibly illustrative for other countries. This volume does look practically at current and developing technologies. Economics and especially the legislative and public policy factors are a primary emphasis. copyright Robert M. Slade, 1996 BKISREOM.RVW 961119 ====================== roberts@decus.ca rslade@vcn.bc.ca slade@freenet.victoria.bc.ca link to virus, book info at http://www.freenet.victoria.bc.ca/techrev/rms.html Author "Robert Slade's Guide to Computer Viruses" 0-387-94663-2 (800-SPRINGER) ------------------------------ From: hbaker@netcom.com (Henry Baker) Subject: Re: Who Will Rent Me a GSM SIM Card Date: Thu, 20 Mar 1997 18:26:46 GMT In article , John R. Covert wrote: > What reliable commercial firms are there out there who will rent me, > at reasonable prices, a GSM SIM card for my Motorola 7200 for > occasional travel from the U.S. to GSM equipped countries? There's a company that has been set up specifically for this purpose. I don't recall the name, but a web search on GSM should turn up the GSM MOU organization, and if you contact them, they should be able to tell you. ------------------------------ From: nilsphone@aol.com (Nils Andersson) Subject: Re: Who Will Rent Me a GSM SIM Card Date: 20 Mar 1997 19:38:59 GMT Organization: AOL http://www.aol.com In article , John R. Covert writes: > What reliable commercial firms are there out there who will rent me, > at reasonable prices, a GSM SIM card for my Motorola 7200 for > occasional travel from the U.S. to GSM equipped countries? AT&T will do it (through Vodaphone UK, but they do not say that), but you might not consider USD 2.50 per minute reasonable. Other than that, try the local telco in the country visited. Regards, Nils Andersson ------------------------------ End of TELECOM Digest V17 #72 *****************************