blu.org  wiki

Security of public network?

by Scott Ehrlich-2

Of the various "Landline" phone methods (though there are likely others):

- fiber (i.e. FIOS)
- POTS (copper)
- VOIP (vonage)

Do they have equal weight when it comes to security of residential
communication, and the customer can boil it down to price?

Thanks.

Scott
_______________________________________________
Discuss mailing list
Discuss@...
http://lists.blu.org/mailman/listinfo/discuss

Re: Security of public network?

by Matthew Gillen

Scott Ehrlich wrote:
> Of the various "Landline" phone methods (though there are likely others):
>
> - fiber (i.e. FIOS)
> - POTS (copper)
> - VOIP (vonage)
>
> Do they have equal weight when it comes to security of residential
> communication, and the customer can boil it down to price?

Depends what kind of security you're talking about.  None of those use
encryption, and all can be "wiretapped" by various means.  For someone who is
not law-enforcement, there may be different severity of penalties for someone
illegally snooping on the different classes of wire (supposing they get caught).

The CALEA law (and subsequent amendments to it) updated the Wiretap Act and
the ECPA to include the non-POTS options on your list.  So from a
law-enforcement point of view, they should be equivalent: if the police tap
any of those without a warrant, any evidence gathered will (should?) be
inadmissible in court.  There's an interesting discussion on wikipedia:
http://en.wikipedia.org/wiki/Lawful_interception

This also has some good info:
"http://cyber.law.harvard.edu/privacy/Statutory Summaries for Module IV.htm"

To the last part of your question ("[can] the customer can boil it down to
price?"), you also have to consider link quality.  I've used all three of
those, plus Comcast's brand of VOIP (note that Verizon patents mean that
vonage and comcast avoid the term "VOIP" like the plague).  I've got FIOS now,
and the Verizon box connected to my house telephone wiring doesn't seem to
have enough juice: I can't have two phones active at once in the house (i.e.
multiple people sharing a line so that both my wife and I can talk to my
parents at the same time).

Comcast's internet-phone stunk.  It would often cut off the first word you
said, so if you were trying to answer questions with one-word answers, it made
for a difficult conversation.

I used Vonage (over Comcast) for a while, and that wasn't too bad.  A little
bit of the same issue that Comcast's phone service had, but not as bad (it
only happened occasionally, versus every single call for Comcast).  Cheaper too.

Note that some of the bandwidth shaping technologies that Comcast wants to use
would really kill vonage, because of the specific way they implement bandwidth
limiting (the latency increases would be disastrous for third-party
phone-over-internet providers like vonage).  I stopped paying attention to
what Comcast was doing as soon as I could dump them for FIOS, so I'm not sure
how that situation has panned out (or how it's been evolving).

Matt

Re: Security of public network?

by Dan Ritter-2

On Tue, Jun 30, 2009 at 07:47:35AM -0400, Scott Ehrlich wrote:
> Of the various "Landline" phone methods (though there are likely others):
>
> - fiber (i.e. FIOS)
> - POTS (copper)
> - VOIP (vonage)
>
> Do they have equal weight when it comes to security of residential
> communication, and the customer can boil it down to price?

Yes. None of them offer any security at all, so you need to run
your own firewall and crypto on all of them.

-dsr-


--
http://tao.merseine.nu/~dsr/eula.html is hereby incorporated by reference.

You can't defend freedom by getting rid of it.

Re: Security of public network?

by Jerry Feldman-2

I think more in direct answer to Scott's question, I think that POTS is
probably easier from a technical point of view because it is a simple
copper connection. Anyone with a portable phone can very easily connect
in a lot of different places. Fibre requires more skill and equipment.
That said, I want to comment on Matt's comment about Comcast Voice. I
converted to Comcast Digital Phone a number of years ago. This was a
copper connection to the pole. It was cheaper and more reliable than
Verizon in my neighborhood at the time. When Comcast offered Digital
Voice (VOIP) I switched because it was considerably cheaper. The line
has been clear and reliable. The only problem in the past few years was
that we had a cable outage a few weeks ago, but that was cleared up in
an hour or so. My friend also switched to Comcast, and is very happy
with the service. My mother's condo building has FIOS, and other than an
initial problem her Verizon service has been excellent. Note that
Comcast's Digital Voice does not go through the Internet, it is
connected to the phone system at the Comcast office, so there should be
no propagation delay caused by the Internet.

On 06/30/2009 09:06 AM, Matthew Gillen wrote:

> Scott Ehrlich wrote:
>  
>> Of the various "Landline" phone methods (though there are likely others):
>>
>> - fiber (i.e. FIOS)
>> - POTS (copper)
>> - VOIP (vonage)
>>
>> Do they have equal weight when it comes to security of residential
>> communication, and the customer can boil it down to price?
>>    
>
> Depends what kind of security you're talking about.  None of those use
> encryption, and all can be "wiretapped" by various means.  For someone who is
> not law-enforcement, there may be different severity of penalties for someone
> illegally snooping on the different classes of wire (supposing they get caught).
>
> The CALEA law (and subsequent amendments to it) updated the Wiretap Act and
> the ECPA to include the non-POTS options on your list.  So from a
> law-enforcement point of view, they should be equivalent: if the police tap
> any of those without a warrant, any evidence gathered will (should?) be
> inadmissible in court.  There's an interesting discussion on wikipedia:
> http://en.wikipedia.org/wiki/Lawful_interception
>
> This also has some good info:
> "http://cyber.law.harvard.edu/privacy/Statutory Summaries for Module IV.htm"
>
> To the last part of your question ("[can] the customer can boil it down to
> price?"), you also have to consider link quality.  I've used all three of
> those, plus Comcast's brand of VOIP (note that Verizon patents mean that
> vonage and comcast avoid the term "VOIP" like the plague).  I've got FIOS now,
> and the Verizon box connected to my house telephone wiring doesn't seem to
> have enough juice: I can't have two phones active at once in the house (i.e.
> multiple people sharing a line so that both my wife and I can talk to my
> parents at the same time).
>
> Comcast's internet-phone stunk.  It would often cut off the first word you
> said, so if you were trying to answer questions with one-word answers, it made
> for a difficult conversation.
>
> I used Vonage (over Comcast) for a while, and that wasn't too bad.  A little
> bit of the same issue that Comcast's phone service had, but not as bad (it
> only happened occasionally, versus every single call for Comcast).  Cheaper too.
>
> Note that some of the bandwidth shaping technologies that Comcast wants to use
> would really kill vonage, because of the specific way they implement bandwidth
> limiting (the latency increases would be disastrous for third-party
> phone-over-internet providers like vonage).  I stopped paying attention to
> what Comcast was doing as soon as I could dump them for FIOS, so I'm not sure
> how that situation has panned out (or how it's been evolving).
>  
--
Jerry Feldman <gaf@...>
Boston Linux and Unix
PGP key id: 537C5846
PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB  CA3B 4607 4319 537C 5846



Re: Security of public network?

by Derek Atkins

Scott Ehrlich <srehrlich@...> writes:

> Of the various "Landline" phone methods (though there are likely others):
>
> - fiber (i.e. FIOS)
> - POTS (copper)
> - VOIP (vonage)
>
> Do they have equal weight when it comes to security of residential
> communication, and the customer can boil it down to price?

I think that fiber is probably the most secure; it's hard to tap into
the fiber mid-stream.  I think POTS is probably a LITTLE more secure
than VOIP, although you can theoretically encrypt VOIP (but nobody does).
I say POTS is more secure because you would need to physically tap into
the wire whereas you could pick up your neighbor's VOIP packets with a
software misconfiguration.

> Thanks.
>
> Scott

-derek
--
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@...                        PGP key available

Re: Security of public network?

by Richard Pieri

On Jun 30, 2009, at 7:47 AM, Scott Ehrlich wrote:
> Do they have equal weight when it comes to security of residential
> communication, and the customer can boil it down to price?

What do you mean by "security"?

--Rich P.

Re: Security of public network?

by Jack Coats at coats.org

Scott,

IMHO, if it needs to be secure, don't transmit it over a network.
If you must transmit it, encrypt it.

To encrypt, you can encrypt your transmission media, AND encrypt your
message.  Like, encrypt your email, and only transfer the file that
contains the email over an encrypted tunnel.

Still, if it goes into the hands of another vendor (think TimeWarner,
Comcast, ATT, etc) ASSUME it is not encrypted and available for others to
read out of the 'ethers' of the internet.

There are 'secured networks' available for a price.  I have used
S.W.I.F.T. ( swift.com ) when working for a bank in the past.  They are
the private consortium that the EU chose to implement the EU version of
the US FedWire network that the USA uses to transfer money between bank
and the federal reserve.

Some banks are also on SWIFT and can send secured messages, including wire
transfers, internationally (or domestically).

Neither SWIFT nor FedWire are 'plug and play' solutions.  In general, each
uses regular 'last mile' solutions (usually redundant), but the routers on
each end are encrypting routers, that only tend to do point to point
communications.

SWIFT changed over a few years ago to using a private secured world wide
IP network.

As you can tell, I was impressed with SWIFT, their support, and training.
Swift also has a 'secured commercial' product, to allow corporations to
have secured IP communications.  It does NOT go over the open internet.

Media that SWIFT uses, for us (very low traffic) was ISDN and used
Netscreen encrypting endpoint routers.  The ISDN dialed into their
'secured hubs', and went out onto their network from there (similar to a
dial-up ISP, but totally encrypted).  Their products increased to
frac-T1's, full T and D type network connections, and I am sure others.
But don't expect to pay 'commodity networking' prices either.

The preferred carrier for SWIFT is your local telco, and they get it onto
an AT&T based system 'quickly' to get it into the secured SWIFT network.
BTW, SWIFT is owned by member banks and is based in Belgium.  It is not a
governmental entity (officially or legally).

All this is to say that FedWire is also a secured (but I think it is still
SDLC rather than IP based), and is not available outside the banking
world.

Many large companies run their own networks if they consider it is needed
and have for many years, but going over common carriers for IP is becoming
more common, and just encrypting their traffic using secured tunnels.
Many Cisco and NetScreen (and others) provide 'encrypting routers' so you
don't need another 'secured server' to do it for you.

I hope this helps a little.

IHS ... Jack


On Jun 30, 2009, at 7:47 AM, Scott Ehrlich wrote:
> > Do they have equal weight when it comes to security of residential
> > communication, and the customer can boil it down to price?
>