TELECOM Digest Mon, 8 Nov 93 19:58:00 CST Volume 13 : Issue 745

TELECOM Digest Mon, 8 Nov 93 19:58:00 CST Volume 13 : Issue 745

Inside This Issue: Moderator: Patrick A. Townson

AT&T Secure Software (David R. Arneke)
Mobitex Software and Experiences (Peter van Eijk)
Book Review: "Fantastic LANtastic" by Talbott/Raker (Rob Slade)
Re: Earthquakes and Telecommunications (Russell Sharpe)
Re: Earthquakes and Telecommunications (Ethan Miller)
Bill Collectors Calling a Neighbor (Carl Moore)
Re: UK Plugs, Pinout Needed (Louis Emmet Mahoney)
Re: UK Plugs, Pinout Needed (Ian Payton)
Re: TRW Phone Print to Fight Cellular Fraud ([email protected])
Re: TRW Phone Print to Fight Cellular Fraud (Steve Forrette)
----------------------------------------------------------------------

From: [email protected] (David R Arneke)
Date: 8 Nov 93 10:06:17 GMT
Subject: AT&T Secure Software

Attached is a press release from AT&T Secure Communications Systems
that isn't really telecom-related, but might be of interest to
Internet users.

We'll be demonstrating these and other data security products at
COMDEX next week (we're in the NCR booth).

We have a variety of secure communications products in our line,
hardware and software, voice, data, fax, video and wireless. I'll
keep the information coming as we put it out.

Thanks again.

Sincerely,

David Arneke Media Relations Manager,
AT&T Secure Communications Systems
919 279-7680 [email protected]

AT&T INTRODUCES SECURITY SOFTWARE TO PROTECT PC, WORKSTATION DATA AND
COMMUNICATIONS

GREENSBORO, North Carolina -- AT&T is introducing software
programs that protect a variety of laptop, PC and workstation
applications.

The shrink-wrapped programs, announced today, provide data
privacy, digital signatures and secure data transmission. They are
the first in a series that will provide end-users with public key
cryptography capabilities.

AT&T Secure Communications Systems has previously developed a
multilevel secure UNIX software package. The products announced today
are its first security-related offerings in the DOS/Windows and
Macintosh markets.

"These programs are a user-friendly means of establishing
privacy for files stored on laptops, PCs and workstations," said Bill
Franklin, business development manager for AT&T Secure Communications
Systems.

"They also provide privacy and other security functions for
electronic mail, electronic data interchange, electronic commerce and
a variety of other communications applications that users may want to
keep private. The emphasis is on enterprise and inter-enterprise
security applications."

The software has particularly strong business and mobile
computing applications.

"These programs offer key capabilities for anyone working on the
road, from home, at remote work sites or in a mobile-office setting,"
Franklin said. "They can reduce the risks of communicating over
public networks."

The programs incorporate emerging and established federal
standards and operate across a wide variety of platforms, including
MS-DOS, Windows, Macintosh and various UNIX systems.

The first programs in the series are:

-- AT&T SecretAgent (R), which implements the Digital Encryption
Standard for privacy and the Digital Signature Algorithm and Secure
Hash Standard to protect the integrity of files stored on or
transmitted from personal computers. It operates transparently to
e-mail systems.

-- AT&T dsaSIGN (TM), which provides authentication and data
integrity assurance for electronic documents through use of the
Digital Signature Algorithm and Secure Hash Standard.

-- AT&T SecureZMODEM (TM), which encrypts data on the fly as it
is transmitted using the ZMODEM communications protocol.

Additional software products based on RSA public-key technology
are also available.

"We will also introduce access control products, com- patible
with the products we're announcing today, for PCs, workstations and
networks in the coming months," Franklin said.

All three programs were developed for AT&T by Information
Security Corporation of Deerfield, Illinois. They are available
exclusively from AT&T and its distributors.

ISC will be AT&T's primary representative in the government
market for these and related products.

The programs use proven technology that has been available in the
government market for more than a year.

"All three have gained strong acceptance among government
computer users," said Tom Venn, president of Information Security
Corporation.

The single-copy price for AT&T SecretAgent is $329.95; for AT&T
dsaSIGN, $149.95; and for AT&T SecureZMODEM, $99.95. Site and
enterprise licenses and volume discounts are available.

All programs are available now directly from AT&T Secure
Communications Systems and its distributors.

Customers can get more information on AT&T software security
programs by calling 1 800 203-5563.

For media inquiries, call David Arneke at AT&T Secure
Communications Systems, 919 279-7680.

------------------------------

From: [email protected] (Peter van Eijk)
Subject: Mobitex Software and Experiences
Date: Mon, 8 Nov 1993 10:56:34 GMT
Organization: Centrum Voor Informatieverwerking, Utrecht, The Netherlands

Dear datacom people,

As you may be aware of, Mobitex is a protocol for mobile packet
switched datacom. Mobitex networks are operational in several
countries of the world, including the USA. A substantial number of
these is run by RAM Mobile.

My company is starting to get involved in developing and deploying
Mobitex based applications. I am now following leads w.r.t. software
that will help us doing so. Suppliers i know of are: Nettech of NJ, AU
system of Sweden, Research in Motion of Waterloo, Ontario.

At this moment i am interested in sharing experiences in Mobitex
application development. Also it would be nice to have email addresses
of suppliers (we do have a six to nine hour time difference with
North America).

Given interest, I'll summarize.

Peter van Eijk, CVI (Dutch Rail Automation), +31 30 924632
[email protected] PO Box 2233 3500 GE Utrecht NL.

------------------------------

Date: 8 Nov 93 14:36 -0600
From: Rob Slade <[email protected]>
Subject: Book Review: "Fantastic LANtastic" by Talbott/Raker

BKFANLAN.RVW 931027

OnWord Press 1580 Center Drive Santa Fe, NM 87505
"Fantastic LANtastic", Talbott/Raker, 1992, $US29.95, 0-934605-68-8

However you feel about LANtastic itself, this book has one very major
point going for it: it is written for everyone. There are four
well-defined sections for users, advanced users, administrators and
installers. The ordering (as listed) is very helpful. Novice users
will find their material first, whereas those wanting more advanced
functions will be those who are used to computer documentation. One
minor quibble in this regard is that the table of contents, at more
than twenty pages, may scare off the newcomer before he or she gets to
the opening chapter (forty-four pages in).

The text is light and informal, and well supported by screen
illustrations from both the DOS and Windows versions of the network
operating system interface. The informality may go too far at times.
(The material contains many helpful troubleshooting hints. An early
one recommends abusing the network installer, and then asking for
help. I'd think it would work much better the other way around.)
Also, some of the hints may not be the best approach to a problem.
Using an "external" editor for mail requires that the file be saved in
ASCII or DOS text format. It is recommended in Word, to print to a
file using the TTY format. Word, however, does have a feature to save
to a text file built in.

Part four, dealing with network installation, is a valuable resource
often left out of LAN-related books. Unfortunately it is long on very
detailed product specific information, and short on generic advice for
the novice installer. Since LANtastic is very attractive to those
wanting to network a few machines to share simple resources, this
latter omission could be important. Chapter nineteen (the first
chapter in part four) supposedly deals with designing a network.
While it asks all the right questions, it doesn't tell you how to deal
with the answers.

There are other omissions. Security is given a reasonable amount of
space. However, while password setting, changing and aging are
discussed, selection of good passwords is not. There is a brief
section on viral programs. If I understand it correctly, the authors
have a good grasp of the realities of the situation. Unfortunately,
this is one area where their humour has been granted too much leeway,
and it is difficult to interpret what has been written.

Altogether, this book is a very useful "one stop" reference for
LANtastic networks. Given the preference for LANtastic in situations
that are either very limited or highly technical, the shortcomings of
the work may be either unimportant or easily covered.

copyright Robert M. Slade, 1993 BKFANLAN.RVW 931027
Permission granted to distribute with unedited copies of TELECOM Digest
and associated mailing lists/newsgroups.

DECUS Canada Communications, Desktop, Education and Security group newsletters
Editor and/or reviewer [email protected], [email protected], Rob Slade at 1:153/733
DECUS Symposium '94, Vancouver, BC, Mar 1-3, 1994, contact: [email protected]

------------------------------

From: [email protected] (russell sharpe)
Subject: Re: Earthquake Preparedness
Date: 8 Nov 1993 09:38:24 GMT
Organization: Wellington City Council, Public Access
Reply-To: [email protected]

In article <[email protected]>, [email protected] (Nigel
Allen) writes:

> Does someone know about any report relative to the telecommunication
> problems encoutered after an Earthquakes (or any document related to
> this topic as for example the actions needed to prevent
> telecommunication problems or about the infrastructure needed to
> preserve communication after the earthquakes). References to
> newspapers or books and technical documents are welcolmed. Many
> thanks.

In New Zealand, because of our geographical nature, on the border of
the Pacific, and Austrailasion Plates, we are pretty conscious of
earthquakes, and volcanoes.

Here are some of the precautions we take.

- Trunk Route Diversity

- There is more than one Cable route in/out of each major building (ie.at
least one cable entrance at one end of the building, and one at the
other.

- National routes, use diversified Fibre Optic Transmission systems
(FOTS), Coaxial Transmission Systems, and Digital Microwave Sytems to
provide more than one route.

- Switches

All switches, and their buildings have been maintained upto very stringent
seismic rules (Some of these are Government rules, and some Telecom's).
Examples are:

- When a new building is erected next to an existing Switching
Centre, the Switching building must be upgraded to the same seismic
rating as the new.

- All switches are strongly bonded to the building with steel seismic
braces, so no equipment will have the tendency to fall over.

- Misc equipment, such as instruments, and ladders, must be properly
stored away, or strapped to the wall to prevent falling.

- Staff

At every site the are Civil Defence Cabinets, which contain light rescue
equipment, food/water supplies, and other Civil Emergency equipment that
might be needed in an emergency.

Russell Sharpe UseNet: [email protected]
FidoNet: 3:771/370
Voice: +64 4 5637779
snailmail: 171 Holborn Drive
Stokes Valley 6008
New Zealand

------------------------------

From: [email protected] (ethan miller)
Subject: Re: Earthquakes and Telecommunications
Date: 8 Nov 93 10:21:51
Organization: Berkeley -- Shaken, not Stirred
Reply-To: [email protected]

David Chessler <[email protected]> writes:

> In approximately 1969 there was a serious earthquake in Santa
> Barbara, Calif., which damaged several telephone company
> central offices.

> This is the only U.S. earthquake in the last twenty years that
> had any significant effect on the telephone system.

It may have been the only one to affect the phone system physically
(destruction of telecom facilities), but most earthquakes (and other
natural disasters) bring the system to its knees with the overload of
phone calls. After the 1989 Loma Prieta quake, the phone system in
the Bay Area was approximately useless due to the extremely high load
on the system. It took minutes to get a dial tone, and so many calls
came from out of the area that the LD carriers had to shut off
incoming calls.

Just goes to show that you can plan all you want to avoid physical
trauma to the phone system, but that doesn't guarantee the system will
be working usefully 100% of the time.

ethan miller--cs grad student [email protected]
#include <std/disclaimer.h>

------------------------------

Date: Mon, 8 Nov 93 23:47:28 EST
From: Carl Moore <[email protected]>
Subject: Bill Collectors Calling a Neighbor

Page 2A of the November 5 {Baltimore Sun} has a Mike Royko column
(obviously syndicated) about some bill-collector tactics. He writes
of Dave Gault, age 32 and living in Chicago, getting calls from bill
collectors who are not after him but after a NEIGHBOR. According to
the article, Mr. Gault knows nothing about this deadbeat neighbor
except that he is a neighbor. It mentions Mr. Gault making a 1:30 AM
phone call to the worst of the callers, a woman in Ohio whose first
name is Jane, and Jane threatened to file charges if he did that again
(it was 2:30 AM in Ohio). The article goes on to say that there are
federal and state laws to help people in situations like Mr. Gault's.

[Moderator's Note: The same article was in the {Chicago Tribune}, and
as usual, Royko made a silly commentary. Unfortunatly for Mr. Gault,
'Jane' is right and he is wrong. Under *no circumstances* according to
the law could 'Jane' or others like her call at 1:30 AM to discuss
whatever they want to talk about. By virtue of him placing his call
deliberatly at that hour, he was harassing her. His answer was that
since his sleep during the day (he is a night worker) was interuppted,
'Jane' should have her sleep interuppted also. That's not the way the
law pertaining to bill collectors reads. The law says collectors can
call between 8 AM and 8 PM local time, and never on Sunday. The law
makes no particular allowance for night workers who may be asleep at
those hours. Bill collectors working evening shifts make calls to
the east coast first *then* start calling the west coast since they
are allowed by law to call until 8 PM *local* time, which is maybe
10-11 PM if they themselves are on the east coast.

Mr. Gault does have legal recourse: he can tell the agency to cease
further contacts with him for any reason and the agency must comply.
He would talk to 'Jane' when she called in the middle of the day,
advising her he could not help with contacting the neighbor, and from
the story was resentful of her repeated calls asking him to help, but
there is no indication that at any time he specifically said *do not
call me again*. Those magic words would have ended the calls, at least
from any ethical collection agency which follows the law. But since
'Jane' originally called in good faith with no knowledge that Mr. Gault
would be asleep during permissible calling hours, she did not harass
him. By disturbing her on purpose, he did harass her. PAT]

------------------------------

From: [email protected] (Louis Emmet Mahoney)
Subject: Re: UK Plugs, Pinout Needed
Date: 8 Nov 1993 17:50:39 -0500
Organization: Express Access Online Communications, Greenbelt, MD USA

[email protected] (Brian Hess) writes:

> In article <[email protected]> [email protected].
> uni-muenchen.de (Helmut Heller) writes:

> U .K. U.S. (connectors viewed from above, metal contacts up)
> ^||||^ ^||||^
> WGBR RW

> Where ^ = open (non-metal) contact slot
> | = metallic contact
> W = white, G = green, B = blue, R = red

> 1) Sorry for the odd colors in the wire, but it's what I got from ye olde
> local telecom shoppe when I asked for six inches of line cord.

If one happens to _be_ in the U.K., Radio Shack shops there used to
carry US-to-UK modular converter adapters. They are probably still
available.

------------------------------

From: [email protected] (Ian Payton)
Subject: Re: UK Plugs, Pinout Needed
Date: 8 Nov 1993 09:32:42 GMT
Organization: Nokia Mobile Phones
Reply-To: [email protected]

Just to clarify an important point ... it is illegal to connect a
piece of equipment to the public network in Britain unless the
equipment has been approved by the appropriate British approvals
people for Telecoms equipment. This is very unlikely to be the case
for equipment sold outside the UK.

Ian Payton | Standard disclaimer: The views expressed above
[email protected] | are my own, and do not necessarily represent
Camberley, UK | the views of any organisation to which I belong.

------------------------------

From: [email protected]
Subject: Re: TRW Phone Print to Fight Cellular Fraud
Date: 8 Nov 1993 17:45:23 GMT
Organization: The University of Texas at Austin, Austin, Texas

In article <[email protected]> [email protected]
(Paul Joslin) writes:

> In article <[email protected]>, Willie Smith
> ([email protected]) wrote:

>> [email protected] (Erik Ramberg) writes:

>>> Being passed along FYI:
>>> TRW INTRODUCES BREAKTHROUGH TECHNOLOGY TO BLOCK CELLULAR FRAUD

>> Ha! All this probably means is you have to clone the same
>> manufacturer and model of phone. Especially with the big push to Six
>> Sigma (every product is identical to one part in a million), it's
>> going to be really difficult to tell phones of the same model apart
>> without denying service to folks at slightly different temperatures,
>> battery charge levels, and altitudes. How long do you think it'll
>> take the cloners to crack this one?

Identifying a transmitter that would prefer to remain anonymous has
been a matter of some interest to spy guys since the beginning of
radio. In the days of Morse code it was easy. A skilled operator
could recognize the "fist" at the key of the transmitter much as you
can recognize a voice on the phone. After WWII ended Teletypes
replaced Morse code and it was tougher to ID a transmitter. When a
transmitter is keyed up, it does not fire up instantaneously on
frequency. It may be a little low or high and it takes a while to
settle. In severe cases this will be audible to the listener as a
"chirp." The direction, amount, and settling time vary from radio to
radio.

Presumably, some attribute(s) of the chirp varies widely radio to
radio even of the same model and little from day to day. It is not
something you align the radio for as long as it settles "quickly" and
does not interfere with adjacent channels. It seems likely that high
frequency synthesizers built under fierce cost, space, and power
constraints would chirp rather nicely.

Currently cloners buy a scanner at Radio Shack and need only phone
programming skills. Measuring a chirp requires rather expensive gear
not currently available at RS. I am sure the security guys will not
willingly publish which chirp attributes they measure or how closely.
There may be other suitable attributes besides the chirp. It will be
complicated for the good guys by the requirement to not deny service
to the rightful users.

It could be spoofed, but you would need to add extra components in the
zero available space to tune the chirp and it would require MUCH more
than the usual skill at aligning radios. Cell fraud will, at the very
least, cease to be a cottage industry. The Japanese navy spoofed the
US by leaving the usual code operators at home to generate the usual
traffic with the usual fist when their fleet sailed for Pearl Harbor.
It may have been easier then than now.

------------------------------

From: [email protected] (Steve Forrette)
Subject: Re: TRW Phone Print to Fight Cellular Fraud
Date: 8 Nov 1993 02:18:04 GMT
Organization: Walker Richer & Quinn, Inc.
Reply-To: [email protected] (Steve Forrette)

In <[email protected]> [email protected] (Erik Ramberg)
writes:

> TRW INTRODUCES BREAKTHROUGH TECHNOLOGY TO BLOCK CELLULAR FRAUD

> TRW teams with PacTel Cellular to attack cellular fraud

> SUNNYVALE, CALIFORNIA, Oct. 19, 1993 - ESL incorporated, a subsidiary
> of Cleveland-based TRW Inc., is testing an electronic system with
> PacTel Cellular that tracks, identifies and blocks illegally made
> cellular telephone calls.

> The system works by making an electronic "print" based on the
> unique signal transmission characteristics for each cellular phone.
> Because each phone has a unique print - an electronic version of a
> human fingerprint - it cannot be duplicated. Once the real print is
> recorded, detection of a counterfeit print can be made. TRW
> PhonePrintTM is able to provide real-time analysis of each print every
> time a call is made and can block access within seconds of a
> counterfeit call be placed.

One detail that is conspicuously absent from the description is how it
works with roamers. Since the PacTel Los Angeles system won't have a
fingerprint on file for every phone in North America, it has no way of
verifying the legitimacy of a roamer. And isn't this where all of the
phraud is? Will PacTel only accept roamers from systems that also
have this system? This doesn't seem practical, but any other option
would result in the bad guys using MINs/ESNs from systems that don't
have the new system in place.

Another poster assumed that the fingerprint might only be specific
down to the model of phone. I think this is not true from the
description others have posted, but the question came up as to how the
thieves would find out the make and model for the MIN/ESN they want to
clone. Aren't the ESNs issued in blocks to manufacturers from some
central body, much like automobile VIN's? If so, then the
manufacturer would be a matter of public record based on the first few
digits of the ESN, and the breakdown amongst a single manufacturer's
models could be determined through general observations.

Steve Forrette, [email protected]

------------------------------

End of TELECOM Digest V13 #745
******************************

******************************************************************************

Downloaded From P-80 International Information Systems 304-744-2253