Date: Sat Oct 30 12:30:31 1999 From: editor@telecom-digest.org Subject: TELECOM Digest V19 #519 To: ptownson@massis.lcs.mit.edu
TELECOM Digest Sat, 30 Oct 99 15:30:00 EDT Volume 19 : Issue 519
Inside This Issue: Editor: Patrick A. Townson
ISDN Viruses (John S. Maddaus) DSL-Specific Search Engine (Adam Gaffin) Telephone Privacy (Monty Solomon) Re: 'No PIC Fee' Doubled Last Month? (Douglas Kaspar) Re: US West DSL Woes (someone@telport.com) Re: US West DSL Woes (Dave Garland) To 'Bell' or NOT to 'Bell' - Names/Logos/Holdings/etc. (Bob Goudreau) Re: Britain Knocked Off the Internet Map (Rob Levandowski) Re: New DNS Entry (Brian Elfert) Re: New DNS Entry (John R. Levine) Re: Two New Anonymizing Features Added Here (Patrick Klos) Re: Two New Anonymizing Features Added Here (Al Iverson) Re: US West DSL Woes (Scot E. Wilcoxon) Re: US West DSL Woes (Gideon Stocek)
TELECOM Digest is an electronic journal devoted mostly but not exclusively to telecommunications topics. It is circulated anywhere there is email, in addition to various telecom forums on a variety of networks such as Compuserve and America On Line, and other forums. It is also gatewayed to Usenet where it appears as the moderated newsgroup 'comp.dcom.telecom'.
TELECOM Digest is a not-for-profit, mostly non-commercial educational service offered to the Internet by Patrick Townson. All the contents of the Digest are compilation-copywrited. You ay reprint articles in some other media on an occassional basis, but please attribute my work and that of the original author.
Contact information: Patrick Townson/TELECOM Digest Post Office Box 765 Junction City, KS 66441-0765 Phone: 415-520-9905 Email: editor@telecom-digest.org
Subscribe/unsubscribe: subscriptions@telecom-digest.org
This Digest is the oldest continuing e-journal about telecomm- unications on the Internet, having been founded in August, 1981 and published continuously since then. Our archives are available for your review/research. We believe we are the second oldest e-zine/ mailing list on the internet in any category!
URL information: http://telecom-digest.org
Anonymous FTP: hyperarchive.lcs.mit.edu/telecom-archives/archives (or use our mirror site: ftp.epix.net/pub/telecom-archives)
Email <==> FTP: telecom-archives@telecom-digest.org
Send a simple, one line note to that automated address for a help file on how to use the automatic retrieval system for archives files. You can get desired files in email.
************************************************************************* * TELECOM Digest is partially funded by a grant from the * * International Telecommunication Union (ITU) in Geneva, Switzerland * * under the aegis of its Telecom Information Exchange Services (TIES) * * project. Views expressed herein should not be construed a represent-* * ing views of the ITU. * *************************************************************************
In addition, a gift from Mike Sandman, Chicago's Telecom Expert has enabled me to replace some obsolete computer equipment and enter the 21st century sort of on schedule. His mail order telephone parts/supplies service based in the Chicago area has been widely recognized by Digest readers as a reliable and very inexpensive source of telecom-related equipment. Please request a free catalog today at http://www.sandman.com ---------------------------------------------------------------
Finally, the Digest is funded by gifts from generous readers such as yourself who provide funding in amounts deemed appropriate. Your help is important and appreciated. A suggested donation of twenty dollars per year per reader is considered appropriate. See our address above. Please make at least a single donation to cover the cost of processing your name to the mailing list.
All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization.
From: jmaddaus@NO_SPAM.usa.net (John S. Maddaus) Subject: ISDN Viruses Date: Fri, 29 Oct 1999 22:01:28 GMT Organization: AT&T WorldNet Services Reply-To: jmaddaus@NO_SPAM.usa.net
Thought you and your readers might be interested in this.
"ISDN Viruses are quite possibly the worst thing to happen to computing since the creation of the Cellular Trojan Horse. Basically, these viruses travel over the wires using the X.224 transport protocol, and seize the D channel using Q.931. All SS7 data sent over the D channel is quickly compromized and re-routed to different signal transfer points, causing massive ANI Failure over the entire routing mesh.
Rumor has it that the Internet Liberation Frontwas behind these viruses with heavy investement coming from the German Bundesnachrichtendienst's Project Rahab. These hackers were paid with AT&T calling cards encoded with a polymorphic encryption scheme, and cocaine."
Communication protocols and standards by definition are open to misuse by a potential adversary because:
a) they make communications protocol details publicly available; b) they assume benign users are connected to the network; c) they define how network nodes must interface, thereby providing information on vendor equipment attached to the network; d) they were developed to allow for expansion (hence Q.931 for example contains information elements containing fields which can be unlimited in length and passed through by the network).
A great weakness in the OSI model (from a security perspective) is that different levels of the model do not concern themselves with the content of information contained within other levels. It is merely passed on without verification, validation, or authentication. Though AT&T may choose to authenticate signaling between its network nodes I sincerely doubt they do so with a LEC or another IXC. The ability to send (and deposit on a remote telecommunication network node, aka a PBX through normal call setup) destructive code has been confirmed in briefings which I attended several years back.
Combined with the fact that no person or entity knows exactly what is connected to the PSTN (and the advent of open market competition is increasing the number of nknowns daily), such "hacks" raise the bar considerably and are therefore potentially devastating. At this point I maintain that phreaking and hacking become one in the same. This information is beginning to make its way through the hacker archives as evidenced by the above excerpt taken from a recent Phrack Magazine article. Though the technical detail of this article may be suspect due to the nature of the magazine, the concept that is being aired is real and such press within the hacker community is likely to spread intense interest in bringing down a telecom network.
John S. Maddaus jmaddaus@usa.net
From: Adam Gaffin <agaffin@nww.com> Subject: DSL-Specific Search Engine Date: Fri, 29 Oct 1999 10:09:29 +0000 Organization: Network World Fusion Reply-To: agaffin@nww.com
This week, we launched DSL Search, a search engine dedicated entirely to (ta da) DSL.
We've indexed more than 4,000 documents from scores of DSL-related sites and resources, including DSL equipment makers (from modems to DSLAMs) and service providers. DSL-related articles from Network World and Network World Fusion are in the database as well. Use it for background research on specific DSL technologies or companies or to see who's providing DSL in your area or state (caveat: we've focused initially on U.S. and Canadian providers).
Note: No more pesky registration forms to use NW Fusion!
Adam Gaffin Online Editor, Network World agaffin@nww.com / (508) 820-7433 "I programmed my robotic dog to bite the guy who delivers the electronic mail." -- Kibo
Date: Fri, 29 Oct 1999 03:30:59 -0400 From: Monty Solomon <monty@roscom.com> Subject: Telephone Privacy
Excerpt from ACLU News 10-28-99
Consumer and Privacy Organizations, Legal Scholars Urge Appeals Court to Protect Consumers' Telephone Privacy
WASHINGTON -- In a friend-of-the-court brief filed October 25, 15 consumer and privacy organizations and 22 legal scholars rged a federal appeals court to reconsider a decision that would allow telephone companies to use private telephone records for marketing purposes.
The groups, including the American Civil Liberties Union, said that the case is of great importance to consumers across the United States.
The brief, filed in support of a petition from the Federal Communications Commission, asks the 10th Circuit Court of Appeals to uphold a privacy provision that was enacted by Congress in 1996 and implemented by the FCC.
In US West v. FCC, the federal appeals court said that the "opt-in" privacy safeguard recommended by the FCC violated the First Amendment rights of the telephone company to market products and services.
The information that would be disclosed "consists of customer calling records that would not exist but for the private activities of telephone customers," the groups said in legal papers. "These records, which are not publicly available, include such sensitive and personal information as who an individual calls, when, for how long, and how often."
An alternative "opt-out" approach, they argued, is burdensome and "would have required telephone customers to contact their carrier to prevent the disclosure of their personal calling records."
The groups concluded that an "opt-in approach is consistent with the First Amendment and is the most reasonable fit with Congress's intent to protect the privacy of telephone subscribers' personal information."
"This is not a question of whether there is a First Amendment right to commercial speech, but instead of whether corporations have a right to disclose the sensitive personal information of their customers without consent," said Barry Steinhardt, associate director of the ACLU.
"If the courts allow companies to claim a right to disclose personal information, then every law that gives us control over our own data is called into question," he added.
The brief was supported by a wide range of privacy and consumer organizations, including the ACLU, the Electronic Privacy Information Center, the Consumer Federation of America, and the U.S. Public Interest Research Group. The brief was also endorsed by many leading legal scholars. The Washington law firm of Covington & Burling filed the brief on behalf of the coalition.
The friend-of-the-court brief filed by the coalition is available on the ACLU's website: http://www.aclu.org/court/uswest_brief.html
Additional information about US West v. FCC: http://www.epic.org/privacy/litigation/uswest/
From: Dougla Kaspar <Doug.Kaspar@worldnet.att.net> Subject: Re: 'No PIC Fee' Doubled Last Month? Date: Thu, 28 Oct 1999 23:08:40 -0500 Organization: AT&T WorldNet Services
My guess is that the price increase has to do with your phone provider being assessed a fee for the Universal Service Fund.
Doug Kaspar
Dave Alden <alden@math.ohio-state.edu> wrote in message news:telecom19. 498.9@telecom-digest.org:
> Nine months ago I got tired of all the fees my LD company was > charging, so I had my local phone company (Ameritech) switch my line > to no LD company. I've been paying my $0.54/month for the privilege > of being able to send and receive LD calls through other means. Last > month this fee was increased to $1.04/month without any warning. I > was wondering if this was across the board to everyone, and if so, > why?
From: someone@teleport.com Subject: Re: US West DSL Woes Reply-To: usbcpdx@my-deja.com <I.never.read.this@teleport.com> Date: Fri, 29 Oct 1999 17:35:50 GMT
On Thu, 28 Oct 1999 03:31:31 GMT, craig@glasswings.com.au (Craig Macbride) wrote:
> A friend of mine got DSL from USWest in July.
<snip>
> 1) Are USWest usually this incompetent?
Oh, yesssssss.
Couldn't pour water out of boot even if instructions were on heel because most of the techs who could read were laid off when they centralised in Denver (not to mention what the unionized craft employees did to the plant records, hehehe. Management found _all_ kinda stuff when they opened records boxes in Denver, hehehehe.)
> 2) How can the US ever have any level of phone number portability if USWest > can't even swap two numbers in the _same house_ in three months??!
Don't expect them to. Number Portability, like Military Intelligence, was a wonderful idea which, as implemented, tastes like year-old Vegemite.
From: dave.garland@wizinfo.com (Dave Garland) Date: 29 Oct 99 11:31:11 -0600 Subject: Re: US West DSL Woes Organization: Wizard Information
Craig Macbride wrote in a message:
> 1) Are USWest usually this incompetent?
I've had three DSL lines put in by USWest.
The first went in smoothly. We had some tech problems, my ISP wasn't prepared for subscribers with Cisco 605s (USW swapped it for a 675 without charge), my computer didn't like USWest's NIC (USW swapped it for an ISA card without charge). The tech support people were superb, knowledgable, and willing to take as long as necessary to solve the problems. But to get through to them required spending over an hour on hold each time.
The second required that USWest first install a POTS line, as the client's phones were all with a CLEC. The installer did put a line in, but failed to connect it to the appropriate extension on the punchdown block. USWest wouldn't initiate the DSL service order until the line was actually in place, but was to do so the day after the install was scheduled. Never happened, a month later they couldn't find any record of a service order and had to start the process again (a three-week delay that according to service reps can't be shortened.) And they sent a PCMCIA NIC instead of the PCI NIC that was requested. They did second-day a PCI card to me, but failed to send the return labels for the PCMCIA card, so it's still sitting on my desk. Hold times were reasonable (five to ten minutes).
The third DSL also needed a POTS line first. USWest wouldn't promise that it would qualify for DSL until it was installed, and since we didn't want it unless it did qualify, installing was an act of blind faith. The installer was supposed to phone in the DSL request. Never happened. When we followed up (three weeks later), they took the (new) order, shipped us a Cisco 675 (but failed to send a NIC), and hooked the DSL service up to the wrong exchange (823-xxxx instead of 821-xxxx, some poor sod in the neighborhood got DSL and didn't even know it). When we got that figured out they said they'd second-day ship a NIC, but three weeks later it still hasn't arrived. Last time I checked (five days ago) the DSL still wasn't active.
-Dave, in Minneapolis
Date: Fri, 29 Oct 1999 15:41:38 EDT From: Bob Goudreau <goudreau@dg-rtp.dg.com> Subject: Re: To 'Bell' or NOT to 'Bell' - Names/Logos/Holdings/etc.
Mark J. Cuccia <mcuccia@mailhost.tcs.tulane.edu> wrote:
> Finally, in the early 1970's, Bell Canada and Northern Electric > partially held by Bell Canada, (US) Western Electric, and AT&T itself) > formed a new R/D entity called "Bell Northern Research". It has the > 'Bell' name, but not logo. It was formed to take over Canadian R/D > needs in preparation for the dissolution of the corporate arrangement > between Bell Canada/NECO and AT&T/WECO/Bell Labs, as well as to start > some "Canada specific" R/D in the meantime.
However, a few years ago, BNR was folded back into Northern Telecom (nee Northern Electric) proper. Since then, NT itself changed its name to Nortel Networks in the wake of its acquisition of Bay Networks. Nortel has substantial operations (~10,000 employees) here in the Research Triangle Area, including what was once a BNR site along my daily commute route. That facility has consistently sponsored trash pickup along a section of that road via North Carolina's "Adopt a Highway" program, and the sponsorship sign along that road has consequently evolved over the course of 1990s from "BNR" to "Northern Telecom" to "Nortel Networks".
Bob Goudreau Data General Corporation goudreau@rtp.dg.com 62 Alexander Drive +1 919 248 6231 Research Triangle Park, NC 27709, USA
From: robl@macwhiz.com (Rob Levandowski) Subject: Re: Britain Knocked Off the Internet Map Organization: MacWhiz Technologies Date: Fri, 29 Oct 1999 06:35:32 -0400
In article <telecom19.516.1@telecom-digest.org>, Danny Burstein <dannyb@panix.com> wrote:
> A NATION OF PORNOGRAPHERS and spammers. That was the view of Britain > apparently adopted by one of the biggest Internet service providers in > the US last week, as it decided to block all incoming email from > British companies.
I'd be willing to bet that this decision was made by some middle management type who doesn't understand international naming conventions. The decision-maker probably thought that ".co.uk" was the domain name of some entity, not the United Kingdom equivalent of the .com TLD.
The problem here is that the standard isn't standard. There's the .com TLD, which at one time used to be primarily for U.S. businesses, and now is global. There are countries that use .co.*, and other that use .com.*, which can be even more confusing. If the Internet were to be designed all over again ;) there probably should be a standard set of second-level domains for country-specific TLDs.
Rob Levandowski robl@macwhiz.com
Subject: Re: New DNS Entry From: belfert@foshay.citilink.com (Brian Elfert) Date: Fri, 29 Oct 1999 13:11:53 GMT
sonya_woods@my-deja.com (Sonya Woods) writes:
> Do you use the New Tucows Domain Service with OpenSRS? > What do you think about it?
> I visited OpenSRS yesterday, and was searching for the domain name > registry process, but didn't find it. I found a primary technical > instructions, but I don't know if these instructions are for common > users or resellers. Finally, I couldn't register.
You must have not read the site at all. The very top of the web page says it will not open until Nov 15, 1999. Also, I'm not sure OpenSRS will handle registrations by individuals. It looks like it will only handle registrations for ISPs.
> been working with NSI, but Tucows prices and services are expensive > and prehistoric. I only found a problem with this registrar it's > working with owns Nic's instead of Core Nic's.
Nominalia charges $20 per year, and OpenSRS/TUCOWS charges $13 per year. How exactly is OpenSRS more expensive?
Brian
Date: 29 Oct 1999 09:30:55 -0400 From: johnl@iecc.com (John R. Levine) Subject: Re: New DNS Entry Organization: I.E.C.C., Trumansburg NY USA
> I visited OpenSRS yesterday, and was searching for the domain name > registry process, but didn't find it. I foud a primary technical > instructions, but I don't know if these instructions are for common > users or resellers. Finally, I couldn't register.
Well, of course you couldn't register, as it says on the home page it won't be up and running until November 15th. OpenSRS is intended for people who want to build their own front end, either for their own use or for resale, not for end users.
> I forgot this option and came back to my current domain names > registrar, Nominalia.net. The Nominalia site guarantee the registry in > less than 24 hours (if I pay ...), and offered me easy customer > services for managing my domain name request service. I always had > been working with NSI, but Tucows prices and services are expensive > and prehistoric.
Expensive? They'll be charging $26 for two years. The least expensive active registrars now are joker.com who charge DM80, about $45, and Nominalia who charge about $40.
John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869 johnl@iecc.com, Village Trustee and Sewer Commissioner, http://iecc.com/johnl, Member, Provisional board, Coalition Against Unsolicited Commercial E-mail
From: patrick@klos.com (Patrick Klos) Subject: Re: Two New Anonymizing Features Added Here Date: 29 Oct 1999 14:57:05 GMT Organization: Klos Technologies, Inc.
In article <telecom19.518.12@telecom-digest.org>, Al Iverson <radparker@radparker.com> wrote:
> In article <telecom19.517.1@telecom-digest.org>, TELECOM Digest Editor > <ptownson@telecom-digest.org> wrote:
>> Anonymous outgoing email:
>> You may now send single (one piece at a time) email letters from this >> site which indicate to the recipient that they were sent by 'anonymous'. >> No response back to you is possible.
> Please let us know what domain name this outgoing mail is going to > use, so we can choose to refuse mail from that domain.
> Al Iverson -- Web: http://al.radparker.com/ -- Home: Minneapolis, USA > MAPS LLC RSS Project Coordinator -- at http://www.mail-abuse.org/rss/ > STOP! Include SWANKY99 in email replies or they may be tagged as spam. > Send me no unsolicited advertising, as I will always return it to you.
Your signature implies you're heavily involved in anti-SPAM practices. With that in mind, you must realize that this anonymous service would be the LAST service any SPAMMER would use! It would be totally impractical for a SPAMMER to use such a site that allows only one recipient at a time (that's the impression I get from reading the posting).
So why are you making a big deal out of it?!?
No one hates SPAM more then me, but this posting serves no logical purpose except maybe to add to your anti-SPAM hype?
Patrick Klos Email: patrick@klos.com Klos Technologies, Inc. Web: http://www.klos.com/
[TELECOM Digest Editor's Note: Everything I offer in the way of anony- mous services at http://telecom-digest.org/postoffice is designed in such a way as to encourage privacy while discouraging spam. If you look at the templates used for outgoing/incoming web-based email and the template used for outgoing anonymous email, you will see they are not very convenient interfaces at all for spammers, yet they serve their purpose quite well for users who wish to send occassional mail either for which they require a return address, or do not require a return address. Ditto the anonynmous Usenet postings. I had *thought* that feature might be useful for people who want to post responses or inquiries regarding sensitive situations in newsgroups where for what- ever reason, they dare not have their own name as part of it; at least not their own name from their employer's work station, etc. If a spammer wants to sit there and type in hundreds of newsgroup names in the little tiny box provided for same, or sit there and type in thousands of names in the little tiny box provided for same with the anonymous email, then god bless him. If he is not willing to sit tere and type it all in by hand -- which is the only option he gets with mine -- then what business has he got trying to be a spammer in the first place? PAT]