TELECOM Digest Tue, 19 Jan 93 02:13:00 CST Volume 13 : Issue 33 Index To This Issue: Moderator: Patrick A. Townson FCC Awards Pioneers Preference to Volunteers in Tech Assistance (N. Allen) Attempted Mindvox Break-in (John F. McMullen) Alteration of Ring Cadence (Charles Mattair) Do Telcos Record the Numbers of Local Calls? (Denis Coskun) Updated Bellcore Report on Future of N. American Number Plan (D. Leibold) Top Ten Traumas? (Dr. Ross Alan Stapleton) Re: Area Code 610 (Spyros Bartsocas) Re: Area Code 610 (Carl Moore) Re: Can Paging Software Detect Alphanumerics? (Guy Hadsall) Re: Can Paging Software Detect Alphanumerics? (Craig R. Watkins) Re: Good Opportunity For Fraud (Rod Gamble) Re: Good Opportunity For Fraud (Patrick Lee) ---------------------------------------------------------------------- Date: Mon, 18 Jan 1993 19:43:00 -0500 From: ndallen@r-node.pci.on.ca (Nigel Allen) Subject: FCC Awards Pioneers Preference to Volunteers in Tech Assistance Organization: Echo Beach, Toronto Here is a press release from Volunteers in Technical Assistance. FCC Awards Pioneers Preference to Volunteers in Technical Assistance To: National Desk, Science Writer Contact: Joe Sedlak of Volunteers in Technical Assistance, 703-276-1800 WASHINGTON, Jan. 14 -- The Federal Communications Commission today allocated four MHz of VHF/UHF spectrum to the Mobile Satellite Service for the low-earth orbit satellites (LEO-MSS) and finalized the tentative pioneer's preference awarded to Volunteers in Technical Assistance (VITA). The award is the first pioneer preference granted by the commission. Henry Norman, president of VITA, said "We are deeply gratified by the action taken by the FCC. VITA's global communications network is designed to bring scientific and technical knowledge to the poor in developing countries. The Pioneer's Preference given to VITA for advancing the technology and extending communications to people not now served indicates a recognition that the poor of the world should not be denied a share in benefits of modern technology. The FCC stated that it awarded the pioneer's preference to VITA because it was the first to develop and demonstrate the utility of a small low earth orbiting satellite system for civilian communications purposes. The commission also noted that VITA's pioneering efforts led to this proceeding authorizing spectrum for LEOs to provide services that will provide low-cost data communications between ground stations located anywhere in the world. VITA's system, VITASAT, is designed to provide data communications between 1,000 ground stations, most of them located in developing countries. A major use of the global network will be for disaster prevention, preparedness and mitigation communications. Norman said, "Our goal is to help bring the poor people of the developing world into the information mainstream of development. VITA is really about inclusion -- extending the benefits of modern science and technology to the poor." VITA has already installed ground stations connected to the VITASAT prototype, the PACSAT Communications Experiment, in Sierra Leone, Djibouti, Indonesia, Pakistan, Ireland, the South Pole, and at the Sandia National Laboratories in New Mexico. "Today's FCC decision is very important to the development of the VITASAT program," said Helena Wisniewski, VITA's vice president of communications technology. "The FCC's granting the Pioneer's Preference has been the catalyst for the development of the next generation of fully-automated ground stations which will be less expensive and easier to use than our prototypes in the field today." VITASAT is one part of a system called VITACOMM that also includes terrestrial digital packet radio networks in several countries (VITAPAC), and an electronic E-Mail system (VITANET). VITACOMM is designed to link people with the rest of the world. ------------- Nigel Allen, Toronto, Ontario ndallen@r-node.pci.on.ca ------------------------------ Subject: Attempted Mindvox Break-in From: mcmullen@mindvox.phantom.com (John F. McMullen) Date: Mon, 18 Jan 93 13:55:17 EST Organization: [Phantom Access] / the MindVox system The following was carried on {Newsbytes} today -- feel free to re-publish it (as long as it carries the permission). John THe following appeared on {Newbytes}, a copyrighted commercial service, on January 18, 1993. It is republished here with the express consent of the authors: Phantom Access Foils Cracking Attempt 01/18/93 NEW YORK, NEW YORK, U.S.A.,1993 JAN 18 (NB) -- An attempt to illegally break into, or "crack" the "Mindvox" conferencing stem contained in Phantom Access, a flat-rate New York-based online service recently featured in various news publications, was detected and rebuffed. Bruce Fancher, co-owner of Phantom Access, told {Newsbytes}, "There was no real damage and we have notified all of our users about the attempt in the hope that they will be even more conscious of security. The nature of this attempt points out one of the things that users of any on-line system must be aware of in order to protect her/his privacy." The attempt came to the attention of the owners of the system, Fancher and Patrick Kroupa, when subscribers reported receiving the following message: "It has been brought to my attention that your account has been 'hacked' by an outside source. The charges added were quite significant which is how the error was caught. Please temporarily change your password to 'DPH7' so that we can judge the severity of the intrusion. I will notify you when the problems has been taken care of. Thank you for your help in this matter. -System Administrator" The system owners immediately sent a message to all subscribers declaring the message to be fraudulent. In addition to pointing out the textual errors in the message -- for example, Mindvox is a "flat rate" system and charges are not accumulated -- the owners admonished users to both safeguard their passwords and insure that they are not easy to decipher. Fancher told {Newsbytes} that the review of Mindvox in a recent issue of Mondo 2000, its mention in an issue of {Forbes}, and his speaking engagements on behalf of the system have led to more rapid growth than had been anticipated. He said, "We are moving to larger space on February 1st and will be upgrading our equipment from a single Next system to multiple Suns. We will also increase the number of dial-in ports and greatly increase the speed of our Internet connection. We are very grateful for the user response to date." (Barbara E. McMullen & John F. McMullen/Press Contact: Bruce Fancher, Phantom Access, dead@phantom.com (e-mail), 212-254-3226, voice/19930115) ----------------- John F. McMullen mcmullen@mindvox.phantom.com Consultant, knxd@maristb.bitnet mcmullen@well.sf.ca.us Writer, 70210.172@compuserve.com mcmullen@panix.com Student, GEnie - nb.nyc mcmullen@eff.org Teacher ------------------------------ Date: Mon, 18 Jan 93 12:57:17 CST From: mattair@sun44.synercom.hounix.org (Charles Mattair) Subject: Alteration of Ring Cadence Organization: Synercom Technology, Inc., Houston, TX We've got three lines coming into our residence: . main number which rings downstairs (one two line phone upstairs) . modem number - no ringers attached . daughter's number which rings upstairs (one two line phone downstairs) Due to our house's layout and phone locations, you can hear any ringer throughout most of the house. The problem is exactly that -- which line is ringing. Converting all phones to multiline really isn't an answer -- they're expensive and we really don't need (want) access to both voice lines all over the house. Does anybody make a (relatively) inexpensive device to convert ring cadence. SWB does not offer alternate cadences on a primary number or I would do that. The order clerk suggested getting a second number with Distinctive Ring (sm) on one of the lines and not using the primary number for that line. Thanks. Charles Mattair mattair@synercom.hounix.org Any opinions offered are my own and do not reflect those of my employer. ------------------------------ From: dcoskun@alias.com (Denis Coskun) Subject: Do Telcos Record the Numbers of Local Calls? Organization: Alias Research, Inc., Toronto ON Canada Date: Tue, 19 Jan 1993 00:15:43 -0500 Do telcos record the dialed digits for all local calls? My back-of-the-envelope calculation suggests that it is entirely feasible for telcos to store the number of every single local call that you dial: In a city with 1,000,000 phones, with an average of 10 calls a day on each phone, and logging both origin and destination phone numbers (7 digits each, so 14 ASCII characters), such a log would consume just 1,000,000 * 10 * 14 = 140 Mbytes per day. That would fit on a tape which costs less than $20. If they do keep such logs, what do they use it for and how long do they keep it? And if not, how can you be sure that they don't? Are there laws anywhere that prevent such activity? There couldn't be a blanket restriction against it because they do log long distance calls. In regions where you have measured service for local calls (rather than a flat rate), do you get an itemized list of all your local calls? [Moderator's Note: We here in Chicago do not routinely get a detailed list of local calls, however it is possible, and I have received such a list when I requested it. I think they save the paper for a few months and the microfilm forever. This cuts both ways: When I once complained about excessive usage on my line, a prim and very smug service rep promised to send me the print out so I could see the error of my ways ... When I reviewed the print out in detail, I found a number of calls to internal numbers at IBT; that is, doing a cross-check of the name and address came up with results like 'IBT Company Supply Depot' and 'IBT Company Vehicle Repair Garage', all made at times like eight in the morning when I could not possibly have been at the phone in question. It turned out that a major (like 5000 pairs) demarc in the basement of the office building next door was a hangout for several installer/ repair guys who drank coffee and shot the bull there in their spare time. They also kept lots of supplies in a locker there. My line very conveniently showed up multipled on the first strip in that demarc; anyone calling the supply depot, their foreman, their wife or girlfriend, to get a truck, etc clipped their butt set right on there and made the call. When I called Ms. Prim back, we read selected parts of the print out together in unison. I told her, "I call that theft of service and/or fraud, what do you call it?" After a couple minutes on hold, her supervisor came on the line and told me IBT would write off *all* message units on my bill for the past three months. I told her that was very nice, but to please have her supervisor tell the outside plant supervisor to tell his foreman to tell his guys to lay off my line -- they must have one of their own down there they could use. The calls ceased after that. This all occurred in 1973, within months of the CO I was in then converting to ESS after 60 years of stepping switches. I might add they knew the SxS was on the way out; for the final six months of the old 'Wabash Cannonball' (Chicago-Wabash CO) they let it go to hell, doing absolutely no routine work at all, and it sounded like it at the end! :) PAT] ------------------------------ Date: Mon, 18 Jan 93 23:15:30 EST From: David Leibold Subject: Updated Bellcore Report on Future of N. American Number Plan I just received a document from Bellcore entitled "North American Numbering Plan Administrator's Proposal on the Future of Numbering in WZ1 - Second Edition", an update to last year's document outlining the future of North American telephone numbering. Like its predecessor, this document is being made available for general release to industry for review. There is a related industry forum scheduled for 16-18 March 1993 in the Washington DC area; comments will be handled under "ANSI procedures, i.e. a contribution-driven consensus process". There is "a recommendation to form both a world Zone 1 and a United states Numbering Steering Committee" in section 9 of the report. To obtain this document, try writing to Fred Gaechter, NANP Administration, Bellcore - Room 1B225, 290 West Mt Pleasant Avenue, Livingston NJ USA 07039 (fax +1 201 740.6860). I will review the document to see what other details are present. dleibold@vm1.yorku.ca ------------------------------ Subject: Top Ten Traumas? From: stapleton@bpavms.bpa.arizona.edu (Dr. Ross Alan Stapleton) Date: 18 Jan 1993 20:40 MST Organization: University of Arizona MIS Department While this is perhaps most appropriate to RISKS, and I'll solicit there as well, what would I need to list as the top ten cases of damage/loss due to telecommunications accidents, disasters, cases of sabotage, etc? I would call the Chicago flood such a thing, as one disaster caused a telecommunications failure, which in turn was disasterous in terms of those who were deprived services. The switching center power failure in New York that caused, among other things, the whole northeast air traffic control system to go comatose is another good candidate. Is there a good way to assess net losses, so as to ever produced a ranked list? Ross ------------------------------ Date: Mon, 18 Jan 93 15:12:01 +0200 From: spyros@isoft.intranet.gr (Spyros Bartsocas) Subject: Re: Area Code 610 The ad features an "International TeleFRIENDS" logo. The whole ad is in a box. In the border of the box the following countries are listed: MEXICO, USA, THAILAND, ITALY, AUSTRALIA, BELGIUM, HOLLAND, SPAIN, ENGLAND, GERMANY, CHILE, ARGENTINA, BRAZIL and something that ends in ANCE. The ad goes as follows: Do you speak any English? (This line in Greek) Do you want to make new friends all over the world? Call International Telefriends day or night and speak with up to 15 people at the same time about travel, life and romance. Call now! 001 610 204 2907 15 Seconds cost 107 Drachmas (this line in Greek). (This is a few cents less than 50 cents). In the same section of the paper there are three more adds. All of them list KING FISHER INC. Each add has in a different country code. All of them are sex lines. The first few digits of the numbers are: 00.852.17.nn.nn.nn.nn (cost 144 GDM/ 15 Sec) 00.611.41.nn.nn (cost 139 GDM/ 15 Sec) and 00 525 809 nn nn (cost 91 GDM/ 15 Sec) 00 525 809 nn nn ------------------------------ Date: Mon, 18 Jan 93 9:51:27 EST From: Carl Moore (VLD/VMB) Subject: Re: Area Code 610 By the way, those special services dialable only from overseas in "area 610" are on 610-204-xxxx, according to earlier postings. ------------------------------ Organization: The American University - University Computing Center Date: Mon, 18 Jan 1993 20:10:31 EST From: GHADSAL@AMERICAN.EDU Subject: Re: Can Paging Software Detect Alphanumerics? Brad, Everything depends upon the Paging Company's paging terminal and gateway. Most of the *new* paging terminal front ends handle it, but who in their right (business) mind would invest big bucks into new equipment that is planned on being obsolete in two years? My recommendation is to get really friendly with yur paging company, or a competitors technicans; sales people havent a clue, their job is sell. Hope this helps. Peace GuyH ------------------------------ From: Craig R. Watkins Subject: Re: Can Paging Software Detect Alphanumerics? Date: 18 Jan 93 11:25:40 EST Organization: HRB Systems, Inc. In article , mc/G=Brad/S=Hicks/OU= 0205925@mhs.attmail.com writes: > Is it possible under the IXO/TAP protocol, or any companies' > interpretations of it, to detect whether or not a particular pager > number can receive text pages? I haven't seen any indication. When we send IXO pages to digit display pagers, it just takes whatever numbers are in the message and sends them, ignoring all the alpha. > .... But the paging computer I call also sends > an error message, I think it's error message . This > is fine by the spec, which says that after you transmit, you're > supposed to ignore anything other than the ACK, NAK, or ESC-EOT. I have seen thoese "messages" come in different places from different switches. Some before the , some after, etc. > Now what I'd really like, is for the paging computer to detect that > I'm trying to send an alphabetic page to a numeric-only pager and give > me a with an error message that says so. I think what you mean is you want an followed by the message (which would mean a reject) rather than a which I've always interpreted as a data error which should be retried. > Would this be a reasonable thing to ask the folks at Cybertel and/or > Skytel to support? It would be nice info to know if the paging terminal knows. However to get it implemented, I'm not sure how much control they have over their paging terminal manufacturer. Since the protocol is pretty dumb to begin with and there's not much you can derive from it now, I'm not sure much software (other than possibly your's) would take advantage of it. Craig R. Watkins crw@icf.hrb.com HRB Systems, Inc. +1 814 238-4311 ------------------------------ From: rodg@extro.ucc.su.OZ.AU (Rod Gamble) Subject: Re: Good Opportunity For Fraud Organization: Sydney University Computing Service, Sydney, NSW, Australia Date: Mon, 18 Jan 1993 12:10:14 GMT > Bank card passwords are stored in encrypted form (one way encryption > using the DES algorithm on a combination of the account number, user > selected PIN and a few other things) which allows for local > verification of passwords but only by your own bank. There are two > different standards by which this is done, but each has a > bank-specific encryption key (often refered to as the Pin Verification > Key, or PVK). This key is kept highly confidential -- anyone with the > key could generate the hashed pin for each possible password (only > 10,000 in the typical four digit password) , compare each to the > hashed value on the card, and decode the PIN that way. > Your own back can verify the password within the ATM; other bank's ATM's ^^^^ > must query your bank via the network. About two or three years ago the Bank of England (for some reason or other) decided to find out what people used as words for there PINs . Well guess what ... If you found a BoE card in the street you had a 56% chance of using it in a ATM machine if you used a four lettered word beginning with F*** Only a 18% chance with S**T and 13% with C***. Either the Brits are very unimaginary (and I really don't think they are in the English speaking world) or that is probably the case both here or in the USA. It only left 13% with various other PINs. Also another bank in England again which had user choice numbers had a huge group of people that just used the last four digits of there telephone number. I can't remember what is was exactly but it was around the 40% mark. Gee just my luck to find one with a PIN of Rumplestiltskin!! Oh well Cheers de Rod ------------------------------ From: Patrick Lee Subject: Re: Good Opportunity For Fraud Date: Mon, 18 Jan 1993 18:33:21 -0500 (EST) eo@cbnewsb.cb.att.com (Ed Oliveri) wrote: > Are you sure this was Citibank? Every Citibank ATM I've seen > CANNOT eat a card since the card is dipped into the card > reader, never leaving the user's fingers. Our Moderator Noted: -> The Citibank ATM's in Chicago eat the card for a minute and -> spit it out when finished with it. I guess Chicago's Citibank has older ATM machines than we have here in New York City. I haven't seen any Citibank ATM machine which eats the card for the past few years. Just dip the card in and take it out and proceed with answering which of the five languages to use. Patrick ------------------------------ End of TELECOM Digest V13 #33 *****************************