Tag Archive for AT&T

| September 24, 2018
Comments Off on AT&T Still Trying BPL

AT&T Still Trying BPL

AT&T Still Trying BPLFresh off its dismantling of net neutrality and its drunken binge of bribing its staff, AT&T (T) has launched two field trials of its AirGig technology, fueling hopes it can gain broader acceptance of its version of the failed broadband over powerline (BPL) technology. The AirGig plan, as AT&T explained in 2016, is to use millimeter-wave radio signals (above 24 GHz) to travel along power lines. Radios on the power lines would regularly refresh the signal as it travels.

At&T kogoFirecetelecom reports that the first trial was with an electricity provider outside the U.S., and the second trial is underway with Georgia Power. Stopping short of revealing a service rollout plan, AT&T will take what it learns from the trials and continue to develop AirGig. Based on its evaluation of the current trials, AT&T will look at expanding more advanced BPL technology trials in other locations. AT&T told Firecetelecom that while “there’s no timeline yet for commercial deployment, we’re encouraged and excited by what we’ve seen so far.”

The service is bullish on AirGig. The telco is touting AirGig’s potential to deliver 1 Gbps speeds via a millimeter-wave signal guided by power lines. Firecetelecom says AT&T’s Ultimate goal with AirGig is to accelerate broadband deployments.

Broadband over power line (BPL)While there have been plenty of BPL failures, AT&T claims AirGig is different. They say it is more efficient than earlier generations of BPL because it runs along, and not within, the medium voltage power lines. The technology differs from earlier BPL technologies, which traveled with the current.

In order to roll out Airgig, AT&T had to develop several new BPL innovations to distribute signals from the power lines to homes and businesses. AT&T labs developed a Radio Distributed Antenna System (RDAS), which uses low-cost plastic antennas, aka mmWave surface wave launchers, along with inductive power devices, which receive power without direct electrical connections (for simplified installation).

The RDAS will reconstruct signals from multi-gigabit mobile and fixed deployments. Those data signals are then transmitted using mmWave over power lines. The mmWave surface wave launchers are inductive power devices that create multi-gigabit signals that travel along or near the medium-voltage wire, not through it.

Maxwells EquationsThe data signal uses the existing pole infrastructures mostly line-of-sight wire paths act as a waveguide that channels the signal and improves the transmission quality, according to Mark Evans, a director on AT&T’s AirGig team. A waveguide is a structure (like an electrical wire) that restricts how much waves can expand over distance, thereby minimizing energy loss. AT&T radio technology engineer Peter Wolniansky explained in a demo that electromagnetic physics make it work,  “The signal energy clings like a glow to this wire, … It’s bound by Maxwell’s equations to stick to this wire.

Millimeter waves are radio waves from 24-300 GHz. The benefit of using these high-frequency bands is access to high bandwidth, between 100-800 MHz, which is 20-100x more than today’s common cellular systems.

AT&T plans to put wireless stations periodically along the route to provide the last-mile connections. For that last communication link to a home or business, AT&T will use more conventional wireless equipment. Customers would use 5G CPE equipment to connect to the AirGig data flow. Once the CPE has received the signal, it can use Wi-Fi (802.11ad or 802.11ac) or an LTE femtocell unit to connect to the end users’ smartphones, tablets, laptops, television, autonomous vehicles or other IoT devices. CNet quotes Mark Evans, a director on AT&T’s AirGig team.”We’re aiming to be ready to deploy it commercially in the 2021 timeframe.

CNET also quotes Gordon Mansfield, AT&T’s vice president of converged access and devices who says they are moving forward. He confirmed that AT&T has contracted with manufacturers to build more refined hardware for a new round of AirGig testing most likely in 2019.

At&T Airgig eggsA key part of the AirGig technology for AT&T is that it is easy to install. Antenna modules — AT&T calls them eggs — clamp in pairs on the power line extending each direction from the power pole. The devices can power themselves via inductive power devices without a direct electrical connection. The eggs configure themselves automatically, and the early test showed it takes people 10 minutes to hook up to the network, said AT&T Chief Technology Officer Andre Fuetsch.

rb-

Kudos to AT&T for trying to figure out how to get everybody else to do their work just like Tom Sawyer..

AT&T can use the existing electrical right of way to bypass local municipality requirements, a long-running tactic of AT&T.

AT&T does not want to be in the business of connecting customers. They want to use the electric company’s infrastructure for free because fiber optic cable is expensive to bury underground or string along telephone poles.

AT&T will be using totally free unlicensed spectrum to sell access back to us at a huge profit.

They don’t even want to pay for electricity to run the equipment. They are using inductive power right off the mainline so it is not metered, which means everybody will have to pay.

 

Related article

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , ,
| August 18, 2018
Comments Off on Will Climate Change Sink the Web?

Will Climate Change Sink the Web?

Despite claims to the contrary, climate change is real. Climate change will break critical parts of the Internet within 20 years. That is what a study by Paul Barford, a University of Wisconsin, Madison professor of computer science predicts.

Professor Barford presented his findings at IETF 102. IETF 102 was a meeting of the Internet Engineering Task Force Association for Computing Machinery, the Internet Society, and the Institute of Electrical and Electronics Engineers in Montreal. The study, “Lights Out: Climate Change Risk to Internet Infrastructure,” found that critical communications infrastructure could be submerged by rising seas in as soon as 15 years.

Conventional copper and fiber optic cables

Companies like Google, Microsoft, Facebook, and Cable and Wireless go through enormous costs and efforts to protect undersea cable spanning the continents but once that cable hits the shore it gets converted to conventional cables. The conventional copper and fiber optic cables buried decades ago, carry the signals from the landing points to the interior are not designed to withstand the inundation by saltwater caused by climate change.

Internet landing points that will be impacted by climate change

Popular Science reports that Professor Barford’s research found that climate change will impact more than 4,000 miles of buried fiber optic conduit. These conduits and internet cables will most likely be underwater and become inoperable due to exposure to damaging saltwater. Saltwater causes damage to the cables which reduces their ability to send signals. The cable landing stations where undersea cables connect the U.S. Internet to the rest of the world will also be vulnerable. The study also predicts that water will surround over 1,100 traffic hubs.

Unsersea fiber optic cable landing point susceptible to flooding

Major interruptions

Mr. Barford told Popular Science that this service interruption is likely to become a growing problem within the next 15 years. He warned that communications companies should begin implementing protective measures and solutions soon if they want to avoid major interruptions in the near future.

“Most of the damage that’s going to be done in the next 100 years will be done sooner than later,” says Dr. Barford, the keeper of the Internet Atlas, a comprehensive repository of the physical Internet — the buried fiber optic cables, data centers, traffic exchanges and termination points that are the nerve centers, arteries, and hubs of the vast global information network. “That surprised us. The expectation was that we’d have 50 years to plan for it. We don’t have 50 years.” He also notes “The landing points are all going to be underwater in a short period of time.”

The study is the first risk assessment of the impact of climate change on the U.S. infrastructure of the Internet. It reports that Miami, New York, and Seattle are among the areas where connectivity could be most affected. The Internet in these cities is at risk because cables carrying it tend to converge on a few fiber optic strands that lead to large population centers.

Fiber optic cable conduit susceptible to floodingBut the effects of climate changes would not be confined to those areas and would ripple across the Internet, potentially disrupting global communications. Many of the conduits at risk are already close to sea level and only a slight rise in ocean levels due to melting polar ice and thermal expansion will expose buried fiber optic cables to seawater.

No thought was given to climate change

Much of the infrastructure at risk is buried and follows long-established rights of way, typically paralleling highways and coastlines. The roots of the danger emerged inadvertently during the Internet’s rapid growth in the 1980s before there was widespread awareness of the Internet as a global grid or the massive threats of climate change. Professor Barford says, “When it was built 20-25 years ago, no thought was given to climate change.”

To reach this conclusion, the team combined data from the Internet Atlas and projections of sea level incursion from the National Oceanic and Atmospheric Administration (NOAA).

Fiber optic cableScience Daily says the findings of the study, serve notice to industry and government. “This is a wake-up call. We need to be thinking about how to address this issue.Mikhail Chester, the director of the Resilient Infrastructure Laboratory at the University of Arizona told National Geographic, This new study “reinforces this idea that we need to be really cognizant of all these systems because they’re going to take a long time to upgrade.

ISP responses to climate change

The impact of mitigation such as sea walls, according to the study, is difficult to predict. “The first instinct will be to harden the infrastructure,” Professor Barford says. “But keeping the sea at bay is hard. We can probably buy a little time, but in the long run, it’s just not going to be effective.”

US shore susceptible to flooding

The study called individual internet service providers. They found finding that AT&T (T), Verizon (VZ), and CenturyLink (CTL), at most risk. In response, AT&T spokesman Jeff Kobs told NPR,

AT&T uses fiber optic cable “designed for use in coastal areas as well as being submerged in either salt- or fresh-water conditions,… In certain locations where cabling will be submerged for long periods of time or consistently exposed, such as beaches or in subways, we use submarine underwater cabling.

Verizon spokeswoman Karen Schulz told NPR,

After Sandy, we started upgrading our network in earnest, and replacing our copper assets with fiber assets … Copper is impacted by water, whereas fiber is not. We’ve switched significant amounts of our network from copper to fiber in the Northeast.

She explained that Verizon’s focus on flood risk

really has less to do with sea-level change and more to do with general flooding concerns … For cable landing stations that are very close to the oceans and that have undersea cables, we specifically assess sea-level changes.

A representative of CenturyLink told Popular Mechanics they can handle the problem. The company’s PR rep said that CenturyLink networks are designed with redundancy and can divert traffic to alternate routes when infrastructure goes down.

rb-

Donald Trump Still Doesn’t Believe in Climate ChangeThe Verizon and CenturyLink responses seem to totally miss the point.

The impact of large-scale Internet failures goes beyond Facebook and iTunes. The failure of the Internet would disrupt many real people’s day-to-day services like online banking, traffic signals, and railroad routing; the sharing of medical records among doctors and hospitals, and the growing “internet of things” that includes household appliances to regional grids of electric power production and transmission.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , ,
| August 4, 2018
Comments Off on Happy Birthday to IPv6

Happy Birthday to IPv6

Happy Birthday to IPv6You are forgiven if you missed IPv6’s birthday (I did). The next-generation network addressing scheme turned 6 years old back in June. June 06, 2012, was World IPv6 Launch Day when everybody was supposed to permanently enable IPv6 on their networks. The results – not so good. There are global highlights but 3/4’s of internet users still regularly connect to the Intertubes over legacy IPv4.

The Internet Society rightly points out that enterprise operations tend to be the “elephant in the room” when it comes to IPv6 deployment. If only 26% of networks advertise IPv6 autonomous system prefixes, 74% do not. Most of the 3/4ths not using IPv6 are likely to be enterprise networks.

Enterprises have traditionally been reluctant to embrace IPv6 — there has been no real need to implement it, with many seeing it as an additional cost and risk with no direct use for their daily business.  Cost can include monetary assets, but also people and time

IPv6Migrating to IPv6 will be hard. The migration will involve all departments of the organization and every piece of equipment connected to the network. Then consider that the migration will be made over time and that everyone needs to be on the same page working together for the best outcome and smoothest transition.

Legacy systems can be defined basically as older systems. They likely are missing some common functionality from current technology, but still exist because they perform a key or important function for the organization just fine, thus there is no reason to replace it. However, this attitude is starting to change.

Microsoft logoLarger and more tech-savvy enterprises are forging innovative paths forward. CircleID points out Microsoft (MSFT), which made one of the first publicly announced purchases of IPv4 address space, reportedly purchasing 666,000 addresses at $11.25 per address in 2011. In a recent blog, Microsoft described the steps is taking to turn off IPv4 and become an IPv6-only company. Their description of their heavily translated IPv4 network includes phrases like “potentially fragile”, and “operationally challenging”, and about dual-stack operations, “complex”.

Outside of the enterprise space, there’s still the rest of the Internet that needs to make the migration. According to the stats in the article, the top carriers in the U.S. still carry less than half of the IPv6 traffic that the Indian ISP Reliance Jio carries. The Internet Society takes the happy view that the excuse that “no one is doing IPv6” is gone. For many people and networks, IPv6 is the new normal and is the future of Internet connectivity.

Some of the highlights for IPv6 are:

  • 237 million people in India connect over IPv6.
  • Mobile operators are adopting IPv6, some have over 80 or 90% of their devices connecting over IPv6.
  • 28% of the Alexa Top 1000 websites are IPv6-enabled.

ISOC - State of IPv6 Deployment 2018

 

National mobile networks are driving the global adoption of IPv6. Some mobile networks are taking the step to run IPv6-only to simplify network operations and cut costs. Japan and India are leaders in IPv6 adoption.

Reliance JIOThe Indian wireless carrier Reliance Jio has an 87% IPv6 rate.

In Japan, the top three wireless carriers are:

U.S. wireless carriers are deploying IPv6 also:

Many home and business users get Internet connectivity from broadband ISPs. Many broadband ISPs have deployed IPv6 on their networks. They send the majority of their traffic over IPv6 to major content providers. For example, Comcast (CMCSA), the largest broadband ISP in the U.S. is actively deploying IPv6. Per the World IPv6 Launch website, Comcast has an IPv6 deployment measurement of over 66%. Globally broadband ISPs are also deploying IPv6.

The following table from the Internet Society lists the top IPv6 carriers based on the number of users.

RankISPCountryIPv6 Users (estimated)
1Reliance JioIndia237,600,764
2ComcastUnited States36,114,435
3AT&TUnited States22,305,974
4Vodafone IndiaIndia18,368,165
5Verizon WirelessUnited States15,422,684
6Idea CellularIndia14,681,694
7Deutsche Telekom AGGermany14,261,836
8T-Mobile USAUnited States14,057,105
9KDDI CorporationJapan11.871,952
10Sky BroadbandGreat Britian11,829,610
11ClaroBrazil10,235,805
12SoftbankJapan8,613,145
13OrangeFrance7,924,119
14AT&T WirelessUnited States7,694,881
15Cox CommunicationsUnited States6,316,462
16Kabel DeutschlandGermany5,835,590
17SK TelecomKorea5,764,073
18NTT CommunicationsJapan5,596,206

 

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , ,
| June 15, 2017
Comments Off on Scary SS7 Flaw Strikes Banks

Scary SS7 Flaw Strikes Banks

Scary SS7 Flaw Strikes BanksLost in last month’s hubbub over WannaCry ransomware was the revelation that hackers had successfully exploited the SS7 “flaw” in January 2017. In May reports surfaced that hackers were able to remotely pilfer German bank accounts by taking advantage of vulnerabilities in Signaling System 7 (SS7). SS7 is a standard that defines how the public phone system talks to itself to complete a phone call.

Signaling System 7 is a standard that defines how the public phone system talks to itself to complete a phone call.The high-tech heist was initially reported by the German newspaper Süddeutsche Zeitung (auf Deutsch). The attack was a sophisticated operation that combined targeted phishing emails and SS7 exploits to bypass two-factor authentication (2FA) protection. This is the first publicly known exploit of SS7 to intercept two-factor authentication codes sent by a bank to confirm actions taken by online banking customers.

How hackers get in

According to ars Technica, the attack began with traditional bank-fraud trojans. These trojans infect account holders’ computers and steal the passwords used to log in to bank accounts. From there, attackers could view account balances, but were prevented from making transfers without the one-time password the bank sent as a text message. After stealing the necessary login details via phishing emails, the perpetrators leveraged the SS7 flaw to intercept the associated mTAN (mobile transaction authentication numbers) authentication codes sent to the victims — messages notifying them of account activity — to validate the transactions and remain hidden, investigators say.

Central office equipmentGerman Telecommunications giant O2-Telefonica confirmed details of the SS7-based cyberattacks to the newspaper. Ars says, in the past, attackers have obtained mTANs by obtaining a duplicate SIM card that allows them to take control of the bank customer’s phone number. SS7-facilitated compromises, by contrast, can be done remotely on a much larger quantity of phone numbers.

O2 Telefonica confirmed to Help Net Security that the attackers were able to gain access to the network of a foreign mobile network operator in January 2017. The attackers likely purchased access to the foreign telecommunications provider – this can apparently be done for less than 1,000 euros – and have set up a call and SMS forwarding.

Two-factor authentication

Ford Road CO in Dearborn Mi is the Oregon officeTwo-factor authentication (2FA) is a security process in which the user provides two authentication factors to verify they are who they say they are.  2FA provides an extra layer of security and makes it harder for attackers to gain access to a person’s devices and online accounts because knowing the victim’s password alone is not enough to pass the authentication check. Two-factor authentication has long been used to control access to sensitive systems and data, and online services are increasingly introducing 2FA to prevent their users’ data from being accessed by hackers who have stolen a password database or used phishing campaigns to get users’ passwords.

News of the incident prompted widespread concern online. Security advocates railed against the popular and continuous use of text messages to authenticate account information while growing evidence suggests that SS7 is an unsafe channel to deliver such data. Security experts told ars that the same SS7-centric hacking techniques used against German banks will become increasingly prevalent in the future, forcing organizations to reconsider how they authenticate user activity.

The end of 2FA?

Cris Thomas, a strategist at Tenable Network Security warns in the article:

While this is not the end of 2FA, it may be the end of 2FA over SS7, which comprises a majority of 2FA systems … Vulnerabilities in SS7 and other cellular protocols aren’t new. They have been presented at security conferences for years … there are other more secure protocols available now that systems can switch to…

Cybersecurity researchers began issuing warnings about this flaw in late 2014 about dangerous flaws in SS7. I wrote about the SS7 flaw in September of 2016  and in March 2107. Maybe this will be the wake-up call for the carriers. One industry insider quipped:

This latest attack serves as a warning to the mobile community about what is at stake if these loopholes aren’t closed … The industry at large needs to go beyond simple measures such as two-factor authentication, to protect mobile users and their data, and invest in more sophisticated mobile security.

SS7 allows voice networks to interoperate

a man-in-the-middle attack In 2014 security researchers first demonstrated that SS7 could be exploited to track and eavesdrop on cell phones. This new attack is essentially a man-in-the-middle attack on cell phone communications. It exploits the lack of authentication in the communication protocols that run on top of SS7.

Developed in 1975, today, over 800 telecommunications companies around the world, including AT&T (T) and Verizon (VZ), use  This technology has not kept up with modern times.  In May 2017, Wired published an article that explains some of the ways to secure SS7. Overcoming SS7 insecurity requires implementing a series of firewalls and filters that can stop the attacks. Researchers Wired spoke to suggest that adding encryption to SS7 would shield network traffic from prying eyes and bolster authentication. Both of these changes are unpopular with the carriers because they cost money and can impact the network core, so don’t expect any network changes to address the SS7 flaw anytime soon.

Carriers should use SS7 firewall to secure the SS7 networkThe Register reports that the FCC’s Communications Security, Reliability and Interoperability Council found that the proposed replacement for SS7 on 5G networks, dubbed the Diameter protocol has security holes too.

In March 2017, Oregon Sen. Ron Wyden and California Rep. Ted Lieu sent a letter to Homeland Security’s John Kelly requesting that DHS investigate and provide information about the impact of SS7 vulnerabilities to U.S. companies and governmental agencies. Kelly has not responded to the letter, according to the Wired article.

Of course, the TLA’s would never use this “flaw” in SS7 to spy on us.

What can you do?

The Guardian says that given that the SS7 vulnerabilities reside on systems outside of your control, there is very little you can do to protect yourself beyond not using the services.

PoliticanThey recommend for text messages, avoiding SMS instead of using encrypted messaging services such as Apple’s (AAPL) iMessage, Facebook‘s (FB) WhatsApp or the many others available will allow you to send and receive instant messages without having to go through the SMS network to protect your messages from surveillance.

For calls, the Guardian recommends using a service that carries voice over data and not through the voice network. This will help prevent your calls from being snooped on. Messaging services including WhatsApp permit calls. Silent Circle’s end-to-end encrypted Phone service or the open-source Signal app also allows secure voice communications.

Your location could be being tracked at any stage when you have your mobile phone on. The only way to avoid it is to turn off your phone or turn off its connection to the mobile phone network and rely on Wi-Fi instead.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
| January 26, 2017
Comments Off on Avaya Goes Chapter 11

Avaya Goes Chapter 11

-Updated- 03-07-17 As predicted Avaya spun off its networking business. The lucky winner is Extreme. The presser from Extreme is here.

Avaya Goes Chapter 11In one of the worst-kept secrets in tech, Avaya has finally declared bankruptcy. The Santa Clara, CA-based communications company filed for chapter 11 protection on January 19th, 2017 in the U.S. Bankruptcy Court for the Southern District of New York. Reports are that Avaya faced an end of January deadline to reach agreements with creditors to address its $6.3 billion debt or potentially default.

Avaya logoThe company’s presser announcing the bankruptcy characterizes the decision to seek Chapter 11 as a necessary re-do on deals made a decade ago. The company was spun off from Lucent, a former AT&T unit, in 2000. Avaya went private in 2007 when private equity firms Silver Lake Partners and the Texas Pacific Group took over the firm for $8.2 billion. Avaya was set up as a leveraged buyout – loaded with debt. At the time the new owners said going private would help Avaya to accelerate product development. In 2009 Avaya scooped up the remnants of Nortel for $900m.

The Nortel acquisition added Ethernet switching and VoIP to Avaya’s portfolio. While the move added needed hardware to the Avaya portfolio the rest of the tech world started the shift towards software-as-a-service and the cloud. Avaya was not able to digest Nortel while taking on Cisco, Microsoft, and the cloud at the same time.

$6.3 billion debtAvaya was both late with VoIP and Unified Communications. Neither Microsoft nor Cisco were competitors in the TDM/PBX era. Cisco joined the race with VoIP and Microsoft then came along with Unified Communications. Both have tremendous enterprise penetration and brand recognition.

The pressure forced Avaya to consider selling its crown jewel, its contact center products to Genesys in 2016, in the hope it would raise some cash. When the deal with Genesys fell through, Avaya decided to file for bankruptcy. Avaya CEO Kevin Kennedy said in a statement, “…chapter 11 is the best path forward at this time.

In order to keep the lights on during the reorganization, the company has secured a $725 million loan underwritten by Citibank.

As part of its debt load, Avaya owes its pensioners $1.7 billion in unfunded pension liabilities. According to NoJitter Avaya will honor it obligations to maintain and continue the pension (as did GM in its reorganization).

Chapter 11 only impacts Avaya’s United States operations. In the rest of the world, the company is moving to assure customers and stakeholders that it’s business as usual.

Rb-
My experience is that the Avaya IP Office product is way over-priced, even in a bid environment. Why would anyone buy an Avaya Ethernet switch or access point when you can get a Cisco or an HP?

So what is to become of Avaya? One likely outcome is that all of the business units will be sold off to satisfy the creditors. The only thing left of Avaya will be a service organization to care for the huge installed base of orphaned Nortel and Avaya systems.

I know people are already getting calls from Cisco about replacing Avaya.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , ,
« Older Entries   Recent Entries »