Sponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| |||||||||||
Free the Cell Phone! (Wired)Free the Cell Phone! (Wired)Posted Sep 28, 2005 21:11 UTC (Wed) by Ross (subscriber, #4065)In reply to: Free the Cell Phone! (Wired) by Los__D Parent article: Free the Cell Phone! (Wired)
I didn't say the DoS could be prevented, but the crashing of the network. At least they were listed as two separate things ... if they are one in the same then nevermind. I assumed the crashing was due to something like poor handling of malformed packets or nonstandard extensions. As for noise, realize that it can be generated by any phone, not just those held by customers. In fact it can be generated from many sources which are not cell phones. In both cases FCC requirements should be plenty to protect the company.
(Log in to post comments)
Free the Cell Phone! (Wired) Posted Oct 5, 2005 22:03 UTC (Wed) by Ross (subscriber, #4065) [Link] An article on the NY Times linked from Slashdot seems to be on topic here:
http://www.nytimes.com/2005/10/05/technology/05phone.html
"Hackers could take down cellular networks by inundating their popular text-messaging services with the equivalent of spam, computer security researchers said."
"Because text messages are transmitted on the same signal that is used to set up voice calls, just 165 messages a second is enough to disrupt all cellphones in Manhattan."
That's anything but good design. Based on the discussion here I assume the solution is going to be: rate limit the number of messages phones are allowed to send. That's like trying to prevent network attacks by outlawing port scanners.
Free the Cell Phone! (Wired) Posted Oct 7, 2005 7:08 UTC (Fri) by Cato (subscriber, #7643) [Link] SMSs are sent using the signalling channel of the mobile network (basically SS7, called MAP in case of GSM I think). SS7 is in fact a packet based network that carries signalling requests and responses (ringing, busy, etc) somewhat like IP. So when someone spams the network with a large number of SMSs, that's like trying to place that number of calls per second. In the old days when phones were entirely driven by human fingers, neither case was possible so the network didn't need to protect against this. Now, the issue is simply rate-limiting the SMS/signalling traffic to something reasonable. This is similar to what IP networks have to do in their control plan (routing/signalling) - ensure that routing updates are kept to a reasonable rate across the boundary to an untrusted network.
The drive to have a 'trusted' phone platform would enable some good things, such as preventing people faking their phone number in SMSs (imagine getting fake text appearing to be from a family member about some emergency - would you stop to think it might be faked if it came from their number?). However, it would also lock people out from installing arbitrary software on their own phones, including open source.
Laws protecting the right to unlock phones and SIMs at reasonable cost, and to limit the use of TPM in phones (ideally to network-affecting infrastructure modules, e.g. only way to send SMS is via an authorised API module), are very important to consumers, hackers and the mobile industry generally. Without the innovation of new software on mobiles, many exciting developments would happen far more slowly - e.g. clever relevance filtering of incoming phone calls (based on your calendar [are you in a meeting], contacts [is it the boss or spouse], time of day [only family calls after midnight], ...), fixed-mobile convergence (roaming to WiFi at home), etc.
|
|||||||||||