Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!bu.edu!nucsrl!telecom-request From: macy@fmsystm.uucp (Macy Hallock) Newsgroups: comp.dcom.telecom Subject: Re: What are Secure Lines? Message-ID: <72226@bu.edu.bu.edu> Date: 13 Jan 91 16:06:00 GMT Sender: news@bu.edu.bu.edu Organization: F M Systems, Inc. Medina, Ohio USA +1 216 723-3000 Lines: 158 Approved: Telecom@eecs.nwu.edu X-Submissions-To: telecom@eecs.nwu.edu X-Administrivia-To: telecom-request@eecs.nwu.edu X-Telecom-Digest: Volume 11, Issue 35, Message 1 of 6 In article <16014@accuvax.nwu.edu> JR writes: >> Never say ANYTHING on the black {i.e. non-STU} phone you don't want to read >> about tomorrow in the {Washington Post}. >Although your was an EXCELLENT discussion of the "how to" and "why use >a" secure (a) line, but it sure makes ordinary loops sound virtually >non-private! Well, that's because its true. Most of the security we have on normal telephone loops is primarily due to the ignorance of the masses of telecom technology. The casual layman is unable to do much with that mysterious telephone wire... This is changing. Prior to deregulation, or better yet, Carterphone (1968) the telco's did everything they could to keep the information to themselves. It was to their benefit, and they were successful. The only others who knew much about telecom were very large organizations, such as governmental or multi-national groups who had internal communications networks independant of the telco's. Now, you can go to Radio Shack or your local library and obtain a text with accurate and understandable information regarding common telecom technology. The local loop is now considerably less of a mystery. Many people are able to work with the standard two wire loop telephone line. And they do. My sons are familiar with this technology, and either one of them could do a good job of tapping a line with less than $ 10.00 worth of overpriced parts from Radio Shack ... or some of the junk in their workshop. I can assure you they are not unique. (I do wish more of our youth were more technically adept...) >Virtually everything I have heard in the course of my years has not >been memorable, yet ordinary subscribers are increasing concerned >about the security of their ordinary transmissions! Having owned an alarm company for fifteen years, I can assure you that more and more people are becoming concerned about the security of their telecommunications. Much of this concern is based on what they have seen television or rumor. What is important is that they feel compromise of their telecommunications is not only possible, but probable under the right set of circumstances. They also beleive that since they have seen it done with reliative ease, and in a manner they understand (namely cutting a wire or clipping a couple of wires onto a terminal) that it can be done just as easily to them. >I had a new-home installation recently where the subscriber insisted >that the Network Interface be placed INSIDE the home, and that the >dropwire enter the foundation BELOW grade! The customer's primary >concern was the integrity of his home security system. >After two hours and a dozen calls, we (US WEST Communications/NE) >acquiesed and accomodated the customer. I explained that all a >reasonably skilled burglar would have to do was to simply walk out to >the wirepost in front and cut the line. He was not swayed. This is a common requirement in our alarm installations. The phone companies here are grudgely cooperative, but are always trying to discourage it, often by levying ridiculous fees. The argument the phone companies make is that complicates their testing. Note that these are the same phone companies that send out newsletters crowing about their abilities to test lines remotely, without entering the premises. The idea here is to discourage the casual burglar easy compromise of the phone line. We also ensure the line going up the pole is in rigid metal conduit. We also seem to find most of the pedestals (terminals for buried cables) unlocked or unbolted, and require the phone company to secure these terminals in accordance with their own policies. Of course, the professional burglar will know how to effect a compromise of the buried phone line, but we aim to make his job as tough as possible. In some installations, we even leave a decoy conventional telephone terminal on the side of the house. On others, we will have two separate buried phone lines entering from two different places on the premises ... all of which is carefully monitored and alarmed. Since the phone companies have priced conventional leased alarm lines and other special services so outlandishly now, most home and business owners are now using the standard phone line for alarm transmission, just as the phone company intended. Yet they place obstacles in the way of those who try and secure these facilities, since the phone company will not. In most cases, these additional security arrangements actually increase the reliability of the phone line. I might add that the phone companies have begun to offer the "piggyback" alarm transmission services in some large cities. These use the regular phone line to provide both dial tone and a relatively sercure supervised (monitored) link between the CO and premises. The charge to the home/business owner is even fairly reasonable. The charges to the alarm company are not reasonable. The special circuits and backbone arrangements required are expensive and not able to be afforded except by the largest alarm companies, and then only in densely populated areas. In instances where we need extra phone line security at a premises, we now use cellular telephone data links through the regular cellular carriers. This does no good for those outside cellular service areas, though. >Another customer had their security system installer build a wooden >box around the protector housing and (drop) riser tube, complete with >magnetic switch! Explaining to the customer that two minutes (or >less) with a tile spade would circumvent THAT safeguard (dig up and >cut the shallow drop). Yes, we have done that, too, for a customer. I might add we have acutally stopped several burglary attempts with these measures, and have even had a few apprehensions, too. The customers seem pleased with the results. The phone company's answer, when shown this information was either "lease a line and pay the bill" or "sorry, nothing we can do". >In my (not yet) vast experience, I have encountered only ONE "tap" and >it was merely a (convicted) case of "Theft of Services"!! >Has there been much (any) traffic here regarding unauthorized entry >into residential SNIs (Standard (telephone) Network Interfaces - >complete with working, RJllC jack) on the backs of homes? I recall >seeing a short bit about it on CNN Headline News a couple of years >ago. Yes, we have had several experiences. Besides compromises to service for burglary, we have seen a couple of taps. In both cases, the local phone company and police department did little about it. We counseled the customer to seek legal counsel and consider a suit. In both cases, the client did not want the publicity a suit would bring. (One of these clients was a judge, the other involved in a very messy divorce case) We also find that customers are willing to use network interfaces for their intended purpose (testing the outside phone line to locate a line fault) more readily when they can access the interface jack easily. A closet or basement location seems ideal. In many condo's we have worked on, they are in the closet in the garage. When customers test their phone line at the network interface when their phones do not work, everyone wins. The phone companies here act as thought they are trying to discourage this testing by customers ... although that's not what they say. I wonder if this might have anything to do with their attempts to sell inside wire maintenance for revenue enahancement? >Our SNI vendor (Seicor) finally replaced the "can wrench" bolt with >the Allen/Torx-like-headed bolt. GREAT! Just another tool to carry >to the back of each house! Still not terribly secure. In this area, the phone installers do not even want to tighten the bolts on their terminals. The SNI's here have a plastic door that snaps shut, along with a place to put a lock. No lock is ever used, though. (Not that it would offer much security, anyway) Macy M. Hallock, Jr. macy@fmsystm.UUCP macy@NCoast.ORG uunet!aablue!fmsystm!macy