28 Years of the Digest ... founded August 21, 1981


Message Digest 
Volume 29 : Issue 84 : "text" Format

Messages in this Issue:
 Re: Tabletop Telephone Company
 Re: Tabletop Telephone Company
 Re: Mississippi makes Caller ID spoofing illegal
 Re: Tabletop Telephone Company
 Re: Mississippi makes Caller ID spoofing illegal
 Re: Providers for sequential or rollover ringing of specified lines from one ...
 Re: Tabletop Telephone Company
 Re: Tabletop Telephone Company
 Law Enforcement Appliance Subverts SSL 
 Re: Law Enforcement Appliance Subverts SSL 
 Re: Law Enforcement Appliance Subverts SSL 


====== 28 years of TELECOM Digest -- Founded August 21, 1981 ======

Telecom and VOIP (Voice over Internet Protocol) Digest for the
Internet. All contents here are copyrighted by Patrick Townson and
the individual writers/correspondents. Articles may be used in other
journals or newsgroups, provided the writer's name and the Digest are
included in the fair use quote. By using -any name or email address-
included herein for -any- reason other than responding to an article
herein, you agree to pay a hundred dollars to the recipients of the
email.

===========================

Addresses herein are not to be added to any mailing list, nor to be
sold or given away without explicit written consent. Chain letters,
viruses, porn, spam, and miscellaneous junk are definitely unwelcome.

We must fight spam for the same reason we fight crime: not because we
are naive enough to believe that we will ever stamp it out, but because
we do not want the kind of world that results when no one stands
against crime. Geoffrey Welsh

===========================

See the bottom of this issue for subscription and archive details
and the name of our lawyer, and other stuff of interest.

Date: Tue, 23 Mar 2010 18:23:17 -0700
From: Sam Spade <sam@coldmail.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re:Tabletop Telephone Company
Message-ID: <9Qdqn.13321$iu2.6415@newsfe15.iad>

Fred Goldstein wrote:

> On Tue, 23 Mar 2010 04:05:25 +0000 (UTC), David Lesher
> <wb8foz@panix.com> wrote,
>
>> Sam Spade <sam@coldmail.com> writes:
>>
>>> The drive to cover these five wire centers is gigantic. The towns must
>>> vary in size from 300 to 900 people. Ajo might top 1,000...barely.
>>
>>> The amazing fact is each town has a 5ESS switch. I didn't think the
>>> economy of scale would make a 5ESS viable for such small towns.
>>
>> I don't believe such at all. What I suspect is that each of
>> those towns has a remote of some kind off of a distant 5ESS.
>>
>> I vaguely recall an ORM {Optically-coupled Remote Module} can be
>> hosted by a 5E within 150 miles. I suspect what's in each town
>> is something similar.
>>
>> Someone with a LERG could tell us specifics.
>
>
> No remotes. Table Top Telephone is listed with six 5Es. No remotes,
> though they show a "host" in Prescott, which is a Qwest exchange. Maybe
> they have a rural part of Prescott.
>
> The six exchanges are not near each other, so host/remote would be
> somewhat problematic. Ajo is in the far south, near the Tohono O'Odham
> Nation. Seligman is towards the northwest of the state. Sanders is on
> the eastern end. Aguila is west-central, and Bagdad is deep in the
> middle of noplace. All are listed as subtending the Phoenix tandem (Q).
>
> Of course a 5E was expensive; they were about $1M to start. Nowadays
> you can get a small CO switch in the $100k range, plus line terminals
> (which can be field-mounted, with DSL). But a USF-funded RLEC can spend
> whatever it wants, with the rest of us paying for it. So the more they
> spend, the more they make. So Table Top Tel gets almost $300k a month
> in subsidies, for probably fewer than 3000 lines. About a quarter is
> "local switching support", though more goes to high-cost-loop support,
> which is a bit harder to argue with.

Thanks Fred. Great info.

The situation on the north outskirts of Prescott is a fancy golf
course/real estate development that they somehow laid claim to in
Qwest territory. No doubt Qwest services the Table Top exchange there.

Date: Wed, 24 Mar 2010 03:59:52 +0000 (UTC)
From: David Lesher <wb8foz@panix.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re:Tabletop Telephone Company
Message-ID: <hoc2nn$isu$1@reader1.panix.com>

Fred Goldstein <fgoldstein.SeeSigSpambait@wn2.wn.net> writes:

>>Someone with a LERG could tell us specifics.

>No remotes. Table Top Telephone is listed with six 5Es. No
>remotes, though they show a "host" in Prescott, which is a
>Qwest exchange. Maybe they have a rural part of Prescott.

>The six exchanges are not near each other, so host/remote
>would be somewhat problematic.

I am astonished. A 5E to run a sole prefix? My CO has two 5E's
to handle ~fifty prefixes.

>Of course a 5E was expensive; they were about $1M to start.

As Fred would recall, the upgraded generic to run ISDN was another $1E6.

--
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433

Date: Tue, 23 Mar 2010 20:33:07 EDT
From: Wesrock@aol.com
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Mississippi makes Caller ID spoofing illegal
Message-ID: <453ed.68596dc0.38dab7c3@aol.com>

In a message dated 3/23/2010 6:52:30 PM Central Daylight Time,
bonomi@host122.r-bonomi.com writes:

>I have some phones set up in an internal VOIP system. The number of
>one such phone is "2". I can dial out to the PSTN via a VOIP gateway
>service. When I call my POTS land line from "2" the caller ID is
>out-of-area. I always assumed that either the gateway doesn't trust
>me or the network doesn't trust the gateway. One day for some reason
>I called my ISDN land line from "2" and was surprised to see "2" come
>through as the caller id. I temporarily changed the station name of
>"2" to something that looked like a normal 10-digit US phone number and
>sure enough it showed up on my POTS land line caller ID. I suppose this
>is all illegal now, at least in Mississippi. :)

'out of area' is displayed for CID data fields that the display box
"doesn't understand". Symptomatic of idiot-level programming in the
ID display.

--------------------------------Reply--------------------------------

"Out of Area" is perhaps a function of the display device, since I
have one that instead shows "Unknown." So the translation of whichever
code is sent from the C.O. for that purpose must be a function of the
display device.

Wes Leatherock
wesrock@aol.com
wleathus@yahoo.com

Date: Tue, 23 Mar 2010 20:45:37 EDT
From: Wesrock@aol.com
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Tabletop Telephone Company
Message-ID: <4605d.242f1927.38dabab1@aol.com>

In a message dated 3/23/2010 10:09:11 AM Central Daylight Time,
fgoldstein.SeeSigSpambait@wn2.wn.net writes:

> No remotes. Table Top Telephone is listed with six 5Es. No remotes,
> though they show a "host" in Prescott, which is a Qwest
> exchange. Maybe they have a rural part of Prescott.

> The six exchanges are not near each other, so host/remote would be
> somewhat problematic. Ajo is in the far south, near the Tohono
> O'Odham Nation. Seligman is towards the northwest of the
> state. Sanders is on the eastern end. Aguila is west-central, and
> Bagdad is deep in the middle of noplace. All are listed as
> subtending the Phoenix tandem (Q).

> Of course a 5E was expensive; they were about $1M to start. Nowadays
> you can get a small CO switch in the $100k range, plus line terminals
> (which can be field-mounted, with DSL). But a USF-funded RLEC can
> spend whatever it wants, with the rest of us paying for it. So the
> more they spend, the more they make. So Table Top Tel gets almost
> $300k a month in subsidies, for probably fewer than 3000
> lines. About a quarter is "local switching support", though more
> goes to high-cost-loop support, which is a bit harder to argue with.

A rural REC is required to serve all customers within its territory,
no matter how far they are from the C.O. This company may serve a
large but sparsely populated rural area, which describes many places
in Arizona, including the area around the exchanges mentioned.

This can be pretty profitable. I had a barber who had worked for the
Panhandle Telephone Cooperative in the Oklahoma Panhandle. The
panhandle has not too much population but those who survived after the
Dust Bowl had to persevere or acquire and now have perhaps thousands of
acres in wheat farms and ranches. The ones who survived are generally
very prosperous and were willing to pay for service in rural areas that
none of the existing carriers (mostly GTE in the panhandle) wanted as
unprofitable. But they were willing to pay and when Panhandle Co-op
came in they were ready for service and able and willing to pay for it.

The names of the Panhandle Co-op exchanges do not correspond to any
existing cities or towns--maybe the name of an abandoned school
house--and their exchanges are scattered around the rural area the
co-op services, apparently very profitably.

Wes Leatherock
wesrock@aol.com
wleathus@yahoo.com

Date: Wed, 24 Mar 2010 01:10:41 -0400 (EDT)
From: Dan Lanciani <ddl@danlan.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Mississippi makes Caller ID spoofing illegal
Message-ID: <201003240510.BAA13020@ss10.danlan.com>

bonomi@host122.r-bonomi.com (Robert Bonomi) wrote:

|In article <201003220710.DAA15498@ss10.danlan.com>,
|Dan Lanciani <ddl@danlan.com> wrote:
|>bonomi@host122.r-bonomi.com (Robert Bonomi) wrote:
|>
|[[.. sneck ..]]
|>|
|>|One that only understands NANP format numbers -- and chokes, and therefore
|>|doesn't display anything, when confronted with something 'foreign'?
|>|
|>|In years past, I've encountered a lot of budget CPE gear that was very
|>|US-centric.
|>
|>What about stupid land-line switch (or perhaps "helpful" programming)?
|>
|>I have some phones set up in an internal VOIP system. The number of
|>one such phone is "2". I can dial out to the PSTN via a VOIP gateway
|>service. When I call my POTS land line from "2" the caller ID is
|>out-of-area. I always assumed that either the gateway doesn't trust
|>me or the network doesn't trust the gateway. One day for some reason
|>I called my ISDN land line from "2" and was surprised to see "2" come
|>through as the caller id. I temporarily changed the station name of
|>"2" to something that looked like a normal 10-digit US phone number and
|>sure enough it showed up on my POTS land line caller ID. I suppose this
|>is all illegal now, at least in Mississippi. :)
|
|'out of area' is displayed for CID data fields that the display box
|"doesn't understand". Symptomatic of idiot-level programming in the
|ID display.

No, in this case it is happening at the CO. I use RS232 CID dongles
which are little more than Bell 202 AFSK receive-only modems. They
give me the unaltered bit stream as sent by the CO. With my station
ID set to "2" the CO sends my POTS line a CID multi-part message with
reason for no number "O" and reason for no name "O". My ISDN line gets
the "2".

Dan Lanciani
ddl@danlan.*com

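The bit stream such a dongle delivers can be decoded directly, which is how one tells a reason code sent by the CO apart from a display box's own wording. The decoder below is an added example, not code from the post; it assumes the Bellcore multiple data message format (type byte 0x80, a length byte, type/length/value parameters, and a checksum that makes the byte sum zero modulo 256), and both sample frames are constructed here, not captured from a line.

```python
# Added example: decoder for the multi-part (MDMF) caller ID frame.
MDMF = 0x80  # message-type byte of the multi-part format

PARAMS = {
    0x01: "datetime",          # MMDDHHMM as ASCII digits
    0x02: "number",            # calling number as ASCII digits
    0x04: "no_number_reason",  # sent instead of 0x02
    0x07: "name",
    0x08: "no_name_reason",    # sent instead of 0x07
}
REASONS = {"O": "out of area / unavailable", "P": "private"}


def build_frame(fields):
    """Assemble a frame from (param_type, text) pairs; used for sample data."""
    body = b"".join(bytes([t, len(v)]) + v.encode("ascii") for t, v in fields)
    frame = bytes([MDMF, len(body)]) + body
    # Checksum byte makes the sum of every byte in the frame 0 modulo 256.
    return frame + bytes([-sum(frame) & 0xFF])


def parse_frame(frame):
    """Return {field_name: text}; raise ValueError on a damaged frame."""
    if len(frame) < 3 or frame[0] != MDMF:
        raise ValueError("not a multi-part caller ID frame")
    end = 2 + frame[1]
    if len(frame) != end + 1:
        raise ValueError("length byte does not match frame size")
    if sum(frame) & 0xFF:
        raise ValueError("checksum mismatch")
    out, pos = {}, 2
    while pos < end:
        if pos + 2 > end:
            raise ValueError("truncated parameter header")
        ptype, plen = frame[pos], frame[pos + 1]
        pos += 2
        if pos + plen > end:
            raise ValueError("parameter overruns the message")
        text = frame[pos:pos + plen].decode("ascii", errors="replace")
        out[PARAMS.get(ptype, "unknown_0x%02x" % ptype)] = text
        pos += plen
    return out


def display_text(fields):
    """What a display box has to work with, given only what the CO sent."""
    if "number" in fields:
        return fields["number"]
    code = fields.get("no_number_reason")
    return REASONS.get(code, "no number (reason %r)" % code)


# Constructed sample frames (not captured from a line).
# POTS case from the post: no number, no name, both with reason "O".
SAMPLE_POTS = build_frame([(0x01, "03240110"), (0x04, "O"), (0x08, "O")])
# For contrast: a frame in which the CO does pass the station ID through.
SAMPLE_PASSED = build_frame([(0x01, "03240110"), (0x02, "2")])

if __name__ == "__main__":
    for frame in (SAMPLE_POTS, SAMPLE_PASSED):
        fields = parse_frame(frame)
        print(frame.hex(), fields, "->", display_text(fields))
```
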
Date: Tue, 23 Mar 2010 20:19:48 EDT
From: Wesrock@aol.com
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Providers for sequential or rollover ringing of specified lines from one ...
Message-ID: <44689.6cc863c.38dab4a4@aol.com>

In a message dated 3/22/2010 10:25:48 PM Central Daylight Time,
john.bartley@gmail.com writes

> I'm looking for a telephony provider which will ring number A on an
> incoming call, and if number A does not answer within x seconds,
> ring number B, then number C if B does not answer within x seconds.

> Don't want to install hardware on our premises, and a flat monthly
> rate is preferred for the service without having to worry about
> running over the specified number of minutes (as phone.com bills in
> tiers, and my agency prefers a flat rate).

"Call Forwarding Don't Answer" is the product provided by many telcos
for this purpose. Don't know if you could cascade it past Line B.

Wes Leatherock
wesrock@aol.com
wleathus@yahoo.com

Date: Wed, 24 Mar 2010 10:27:25 -0400
From: Carl Navarro <cnavarro@wcnet.org>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Tabletop Telephone Company
Message-ID: <668kq5tg1jkh9mtskjmknogpfp3vkqv41g@4ax.com>

On Tue, 23 Mar 2010 20:45:37 EDT, Wesrock@aol.com wrote:

(Snip excellent description of the co-op and Table Top Telephone)

I don't know much about any of this, but here in Ohio when I worked
with an independent, I kept asking the service clerk if the owner had
any daughters that I could marry and inherit the office :-)

Table Top Tel. I like the sound.

Carl

Date: Wed, 24 Mar 2010 09:11:20 -0700
From: Sam Spade <sam@coldmail.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re:Tabletop Telephone Company
Message-ID: <IQqqn.108772$Ye4.68731@newsfe11.iad>

David Lesher wrote:

> Fred Goldstein <fgoldstein.SeeSigSpambait@wn2.wn.net> writes:
>
>
>>>Someone with a LERG could tell us specifics.
>
>
>>No remotes. Table Top Telephone is listed with six 5Es. No
>>remotes, though they show a "host" in Prescott, which is a
>>Qwest exchange. Maybe they have a rural part of Prescott.
>
>
>>The six exchanges are not near each other, so host/remote
>>would be somewhat problematic.
>
>
> I am astonished. A 5E to run a sole prefix? My CO has two 5E's
> to handle ~fifty prefixes.
>
>
>>Of course a 5E was expensive; they were about $1M to start.
>
>
> As Fred would recall, the upgraded generic to run ISDN was another $1E6.
>
>

Table Top is adding DSL to all its switches sometime this year.

When I get back from my trip in late April I will post photos of the
headquarters building and Ajo C.O.

Date: Wed, 24 Mar 2010 22:32:41 -0400
From: Monty Solomon <monty@roscom.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Law Enforcement Appliance Subverts SSL
Message-ID: <p06240844c7d07b934d6d@[10.0.1.4]>

Law Enforcement Appliance Subverts SSL

By Ryan Singel
March 24, 2010

That little lock on your browser window indicating you are
communicating securely with your bank or e-mail account may not
always mean what you think it means.

Normally when a user visits a secure website, such as Bank of
America, Gmail, PayPal or eBay, the browser examines the website's
certificate to verify its authenticity.

At a recent wiretapping convention, however, security researcher
Chris Soghoian discovered that a small company was marketing internet
spying boxes to the feds. The boxes were designed to intercept those
communications - without breaking the encryption - by using forged
security certificates, instead of the real ones that websites use to
verify secure connections. To use the appliance, the government would
need to acquire a forged certificate from any one of more than 100
trusted Certificate Authorities.

The attack is a classic man-in-the-middle attack, where Alice thinks
she is talking directly to Bob, but instead Mallory found a way to
get in the middle and pass the messages back and forth without Alice
or Bob knowing she was there.

The existence of a marketed product indicates the vulnerability is
likely being exploited by more than just information-hungry
governments, according to leading encryption expert Matt Blaze, a
computer science professor at University of Pennsylvania.

...

http://www.wired.com/threatlevel/2010/03/packet-forensics/

Date: Thu, 25 Mar 2010 01:14:06 -0400
From: Bill Horne <bill@horneQRM.net>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Law Enforcement Appliance Subverts SSL
Message-ID: <20100325051406.GB1303@telecom.csail.mit.edu>

On Wed, Mar 24, 2010 at 10:32:41PM -0400, Monty Solomon wrote:

> Law Enforcement Appliance Subverts SSL
>
> By Ryan Singel
> March 24, 2010
>
> That little lock on your browser window indicating you are
> communicating securely with your bank or e-mail account may not
> always mean what you think it means.
>
> Normally when a user visits a secure website, such as Bank of
> America, Gmail, PayPal or eBay, the browser examines the website's
> certificate to verify its authenticity.
>
> At a recent wiretapping convention, however, security researcher
> Chris Soghoian discovered that a small company was marketing internet
> spying boxes to the feds. The boxes were designed to intercept those
> communications - without breaking the encryption - by using forged
> security certificates, instead of the real ones that websites use to
> verify secure connections. To use the appliance, the government would
> need to acquire a forged certificate from any one of more than 100
> trusted Certificate Authorities.
>
> The attack is a classic man-in-the-middle attack, where Alice thinks
> she is talking directly to Bob, but instead Mallory found a way to
> get in the middle and pass the messages back and forth without Alice
> or Bob knowing she was there.
>
> The existence of a marketed product indicates the vulnerability is
> likely being exploited by more than just information-hungry
> governments, according to leading encryption expert Matt Blaze, a
> computer science professor at University of Pennsylvania.
>
> ...
>
> http://www.wired.com/threatlevel/2010/03/packet-forensics/

Speaking as a former Thawte Notary and a GsWOT Introducer, I want to
point out that man-in-the-middle attacks aren't anything new, and they
are also not evidence that either SSL or the PKI system have been
"cracked" at a fundamental level.

Mr. Singel's story is a classic case of Social Engineering: in both
tone and language, it attempts to make his readers afraid of a phantom
that menaces their bank accounts and their ability to employ the
Internet to save time and aggravation.

The fact is that it is, by all accounts, impossible to "forge" a PKI
certificate: i.e., there is no way that an attacker who is not in
possession of a Root Certificate can create subordinate certificates
that attest to a non-existent identity. The article does admit that
"To use the appliance, the government would need to acquire a forged
certificate from any one of more than 100 trusted Certificate
Authorities", but gives no details as to how "the government" would be
able to do so. Mr. Singel is relying on his readers' gullibility to
build a straw-man that will fall down whenever someone uses their
brain.

I'll provide some background: man-in-the-middle attacks have two
"vectors", or ways that they can succeed:

1. Taking advantage of someone's gullibility.

   If I click on a link that says "www.high-priced-bank.com", and I'm
   confronted with a warning screen that says the certificate the web
   site is presenting isn't trusted, then it's up to me to decide if I
   will allow the browser session to go forward. If I click "yes",
   what happens after that is my fault, one way or another: either I
   didn't choose to educate myself as to the risks of accepting
   untrusted certificates, or I didn't choose to believe that those
   risks could affect me. Either way, it's my fault: I told my browser
   to violate the trust model.

2. Breaking the PKI trust hierarchy by subterfuge.

   If an attacker has *UNDETECTABLE* access to the certificate storage
   of a target machine, he can insert a "Root" certificate into the
   target, so that the phony certificate presented by a fraudulent
   website (which was, of course, signed by the false root) will
   appear to be genuine. This is the method used by System
   Administrators who want to monitor their users' use of online email
   systems.

   BUT

   Anytime ANYONE has physical access to a target machine, the game is
   over. That's why you shouldn't do any banking or any other
   sensitive transaction on a publicly-accessible computer, or for
   that matter, on any computer you don't have complete control over.
   Instead of going to the trouble to generate a fake "Root"
   certificate, get it installed, create a false web page, etc., etc.,
   it is much easier to install "key-grabber" software that will steal
   the users' banking password(s) at the source.

3. Breaking the PKI Root security by force, threat, or legal action:

   For a careful Internet user, who is using a secure machine, to be
   deceived into believing that a fraudulent website which claims to
   be www.high-priced-bank.com is the real deal, the attackers must go
   through a multi-step process:

   A. They must obtain access to a "root" certificate which can sign
      other certificates.

   B. They must use the purloined root certificate to sign a secondary
      certificate which has the high-priced-bank name on it.

   C. They must set up a phony website which is a passable imitation
      of the site a victim thinks they're going to.

   D. The attackers have to intercept DNS calls made from the target
      computer, and supply a different IP address than the one
      actually used by high-priced-bank.

Now, here's the problem: steps "B" and "C" are very easy to do, but
only if an attacker is also able to accomplish step "A", which is
several orders of magnitude harder. Step "D" is relatively doable,
assuming the attacker has access to the LAN the victim is using, but
that's not as easy as it might seem: assuming the victim is using a
DSL or Cable Internet connection, the only place the "LAN" connection
is easily available is between the victim's computer and the
high-speed modem, which is usually co-located with the computer. Keep
in mind that the device Wired has featured is intended to be used at a
LAN interface, such as an Ethernet patch panel, but that assumes that
"law enforcement" personnel have access to the wire closet and that
they can prove in a court that they did so legally.

Wired has a short-circuit on this subject. I suggest the publication
tell its contributors to stick to the usual gee-whiz and leave
fear-mongering to professional politicians who are properly trained to
use it.

--
Bill Horne
(Filter QRM for direct replies)

Date: Thu, 25 Mar 2010 14:41:58 +1100
From: David Clayton <dcstar@myrealbox.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Law Enforcement Appliance Subverts SSL
Message-ID: <pan.2010.03.25.03.41.54.691028@myrealbox.com>

On Wed, 24 Mar 2010 22:32:41 -0400, Monty Solomon wrote:

> Law Enforcement Appliance Subverts SSL
>
> By Ryan Singel
> March 24, 2010
>
> That little lock on your browser window indicating you are communicating
> securely with your bank or e-mail account may not always mean what you
> think it means.
........

It usually means that a SSL connection has been set up with some
server that has a certificate that matches the URL you used to access
the page and is responding to the IP address that the packets are
being sent to, no more and no less.

If someone is indeed intercepting the packets and using a false
certificate to see your data, then that just means that the integrity
of the multi-billion dollar certificate industry has taken a hit as
far as "site verification" goes.

--
Regards, David.

David Clayton
Melbourne, Victoria, Australia.
Knowledge is a measure of how many answers you have, intelligence is a
measure of how many questions you have.

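Chain validation accepts a certificate issued by any CA in the trust store, so the case discussed in the two replies above (a certificate for the same name from a different trusted CA) produces no browser warning; a client that remembers what each host presented before can still notice the change. The sketch below is an added example, not from the article or from either poster: it uses Python's standard ssl and hashlib modules, and the CA names, certificate bytes, dates and the 30-day renewal window are constructed for illustration.

```python
import hashlib
import ssl

RENEWAL_WINDOW = 30 * 86400  # a new certificate is expected this close to expiry


def issuer_org(cert):
    """organizationName of the issuer, from an SSLSocket.getpeercert() dict."""
    for rdn in cert.get("issuer", ()):
        for key, value in rdn:
            if key == "organizationName":
                return value
    return None


def observe(store, host, der, cert, now):
    """Classify this sighting of host's certificate against the last one kept.

    store: dict host -> record; der: raw certificate bytes, as returned by
    getpeercert(binary_form=True); cert: the decoded getpeercert() dict;
    now: seconds since the epoch.
    """
    seen = {
        "fp": hashlib.sha256(der).hexdigest(),
        "issuer": issuer_org(cert),
        "not_after": ssl.cert_time_to_seconds(cert["notAfter"]),
    }
    prev = store.get(host)
    if prev is None:
        store[host] = seen
        return "first-seen"
    if seen["fp"] == prev["fp"]:
        return "unchanged"
    early = now < prev["not_after"] - RENEWAL_WINDOW
    if seen["issuer"] != prev["issuer"]:
        # Leave the old record in place so the new certificate does not
        # silently become the baseline before someone has looked at it.
        return "ALERT issuer-changed-early" if early else "WARN issuer-changed"
    store[host] = seen
    return "WARN reissued-early" if early else "renewed"


def sample_cert(org, not_after):
    """Constructed stand-in for a getpeercert() dict (only the fields used)."""
    return {
        "issuer": ((("countryName", "US"),), (("organizationName", org),)),
        "notAfter": not_after,
    }


def run_demo():
    """Replay four constructed sightings of one host; return the verdicts."""
    host = "www.high-priced-bank.com"
    t1 = ssl.cert_time_to_seconds("Mar 25 00:00:00 2010 GMT")
    t2 = ssl.cert_time_to_seconds("Jan 05 00:00:00 2011 GMT")
    real = sample_cert("Example CA One", "Jan 15 00:00:00 2011 GMT")
    other = sample_cert("Example CA Two", "Mar 20 00:00:00 2011 GMT")
    renewed = sample_cert("Example CA One", "Jan 15 00:00:00 2012 GMT")
    store = {}
    return [
        observe(store, host, b"constructed-der-1", real, t1),
        observe(store, host, b"constructed-der-1", real, t1),
        # Different certificate, different trusted CA, months before expiry:
        # a browser's chain check passes, continuity with the past does not.
        observe(store, host, b"constructed-der-2", other, t1),
        observe(store, host, b"constructed-der-3", renewed, t2),
    ]


if __name__ == "__main__":
    print(run_demo())
```
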
TELECOM Digest is an electronic journal devoted mostly to
telecommunications topics. It is circulated anywhere there is email,
in addition to Usenet, where it appears as the moderated newsgroup
'comp.dcom.telecom'.

TELECOM Digest is a not-for-profit, mostly non-commercial educational
service offered to the Internet by Bill Horne. All the contents of the
Digest are compilation-copyrighted. You may reprint articles in some
other media on an occasional basis, but please attribute my work and
that of the original author.

The Telecom Digest is moderated by Bill Horne.

Contact information:
  Bill Horne
  Telecom Digest
  43 Deerfield Road
  Sharon MA 02067-2301
  781-784-7287
  bill at horne dot net

Subscribe: telecom-request@telecom-digest.org?body=subscribe telecom
Unsubscribe: telecom-request@telecom-digest.org?body=unsubscribe telecom

This Digest is the oldest continuing e-journal about
telecommunications on the Internet, having been founded in August,
1981 and published continuously since then. Our archives are available
for your review/research. We believe we are the oldest e-zine/mailing
list on the internet in any category!

URL information: http://telecom-digest.org

Copyright (C) 2009 TELECOM Digest. All rights reserved.
Our attorney is Bill Levant, of Blue Bell, PA.

---------------------------------------------------------------

Finally, the Digest is funded by gifts from generous readers such as
yourself who provide funding in amounts deemed appropriate. Your help
is important and appreciated. A suggested donation of fifty dollars
per year per reader is considered appropriate. See our address above.
Please make at least a single donation to cover the cost of processing
your name to the mailing list.

All opinions expressed herein are deemed to be those of the author.
Any organizations listed are for identification purposes only and
messages should not be considered any official expression by the
organization.

End of The Telecom Digest (11 messages)
