If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(LA Times)   911 what's your emergenc**Connection reset by peer**   (latimes.com) divider line 45
    More: Scary, VoIP, connectedness, denial-of-service attack, IP phone, emergency operations center, caller ID, independent sources, Internet Crime Complaint Center  
•       •       •

9008 clicks; posted to Main » on 19 Jul 2013 at 10:23 AM (1 year ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



45 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest
 
2013-07-19 10:26:05 AM  
Even the 911 webservers are uppity.
 
TWX
2013-07-19 10:30:57 AM  
It all depends on how the network administrator configures the network, and where the use of IP comes in to play.

If the service connect from the telephone company is on a private network rather than the Internet, and if it separately routes into the existing organization's network, and if the network engineers have QoSed the network to give proper priority to IP telephony, then it shouldn't really be too much of a problem.

If they use the same connection to the world that their public face on the Internet uses and just route the traffic in, or if their gateway information to the public Internet is made known, then certainly there's room for problems.

There are all sorts of other issues with IP telephony, so this is fairly low on my list. I'm much more worried about power outages taking down telecom closets and the switches needed to run the phones, so suddenly in a power outage one cannot call emergency services. a POTS line or an internal phone system that works like a POTS line where the entire building's phone system runs off of a single battery bank or generator reduces the number of points of failure and increases overall reliability. Copper ethernet is limited to 300' lengths, so one has to have telecom closets for local distribution, while regular telephones can go thousands of feet over copper, allowing all cables to run back to one central location in a building or campus.
 
2013-07-19 10:34:29 AM  
Headline implies 911 is on IRC now... Can just see irc.efnet.net channel #911...

"Sorry, we cannot dispatch an officer to help you- you're not registered with NickServ."
 
2013-07-19 10:37:12 AM  
www.latimes.com

As long as they don't take down our ability to monitor infomercials (lower right) and food commercials (lower left), we'll be okay.
 
2013-07-19 10:39:04 AM  

TWX: There are all sorts of other issues with IP telephony, so this is fairly low on my list. I'm much more worried about power outages taking down telecom closets and the switches needed to run the phones, so suddenly in a power outage one cannot call emergency services. a POTS line or an internal phone system that works like a POTS line where the entire building's phone system runs off of a single battery bank or generator reduces the number of points of failure and increases overall reliability. Copper ethernet is limited to 300' lengths, so one has to have telecom closets for local distribution, while regular telephones can go thousands of feet over copper, allowing all cables to run back to one central location in a building or campus.


Shut up, bellhead.  It's not 1980 anymore.
 
2013-07-19 10:41:39 AM  
what's his /b/ handle?
 
2013-07-19 10:42:08 AM  

TWX: It all depends on how the network administrator configures the network, and where the use of IP comes in to play.

If the service connect from the telephone company is on a private network rather than the Internet, and if it separately routes into the existing organization's network, and if the network engineers have QoSed the network to give proper priority to IP telephony, then it shouldn't really be too much of a problem.

If they use the same connection to the world that their public face on the Internet uses and just route the traffic in, or if their gateway information to the public Internet is made known, then certainly there's room for problems.

There are all sorts of other issues with IP telephony, so this is fairly low on my list. I'm much more worried about power outages taking down telecom closets and the switches needed to run the phones, so suddenly in a power outage one cannot call emergency services. a POTS line or an internal phone system that works like a POTS line where the entire building's phone system runs off of a single battery bank or generator reduces the number of points of failure and increases overall reliability. Copper ethernet is limited to 300' lengths, so one has to have telecom closets for local distribution, while regular telephones can go thousands of feet over copper, allowing all cables to run back to one central location in a building or campus.


"Which one (costs less || is easiest to implement)? Cause that's the one one we're going with. This department's budget doesn't exist to pay for every cool gadget that catches your eye. And I think you make some of this stuff up. I looked on eBay and couldn't find a single 'incorruptible power supplier '."
 
2013-07-19 10:44:57 AM  
Sounds like they did a little IP trolling, found their SIP gateway IP sitting WIDE FARKING OPEN, on port 5060/61 and exploited their insecure network.


Morans. They deserve to have it compromised.
 
2013-07-19 10:45:41 AM  

TWX: It all depends on how the network administrator configures the network, and where the use of IP comes in to play.

If the service connect from the telephone company is on a private network rather than the Internet, and if it separately routes into the existing organization's network, and if the network engineers have QoSed the network to give proper priority to IP telephony, then it shouldn't really be too much of a problem.

If they use the same connection to the world that their public face on the Internet uses and just route the traffic in, or if their gateway information to the public Internet is made known, then certainly there's room for problems.

There are all sorts of other issues with IP telephony, so this is fairly low on my list. I'm much more worried about power outages taking down telecom closets and the switches needed to run the phones, so suddenly in a power outage one cannot call emergency services. a POTS line or an internal phone system that works like a POTS line where the entire building's phone system runs off of a single battery bank or generator reduces the number of points of failure and increases overall reliability. Copper ethernet is limited to 300' lengths, so one has to have telecom closets for local distribution, while regular telephones can go thousands of feet over copper, allowing all cables to run back to one central location in a building or campus.


All of this is, of course, true.

Last week, power due to flooding took out Toronto's downtown grid for several hours, after which we enjoyed a series of "rolling blackouts". I took my old and slightly crackly Northern Telecom pushbutton desk phone (circa 1975, I'm guessing) and unplugged the cordless, shut off the cell phones (reception was badly degraded...not dead, but "one bar" in a place where it's nearly impossible NOT to see a cel tower or brackets hanging off buildings), and enjoyed the nice, 48 VDC-powered dial tone.

My son had no clue that the landline system had a separate power source and (usually) would continue to work when the domestic electricity grid was down.

So count me as a continuing fan of landlines. My tenants have only cellphones. A lot of people have "cut the cord" like that's a good thing.

CSB: In 1999, I was a tech writer and I went to a demonstration of Qualcomm's first VOiP handheld. The concept, even to tech writers familiar with the field, took a little effort in terms of selling it as a "feature". We listened to a VOiP call with a Qualcomm executive that featured the all-too-familiar "shouting down a well with a black hole at the bottom" distortions and drop-outs. Frankly, it wasn't too impressive, although it was a precursor of Skype and other slightly wonky but useful applications.

At the demonstration, one smart-ass asked if VOiP could be hacked. An engineer said that a VOiP call was functionally indistinguishable from any other data stream and could therefore experience a DoS at the server level or could be otherwise recorded or monitored with varying degrees of difficulty. An executive quickly mentioned the viability of encryption-on-the-fly, which seemed to satisfy people.

Nobody mentioned the "last 300 feet of copper" issue, or what happened when the server closet went dark. Hell, don't harsh our mellow brave new world, dude!
 
2013-07-19 10:46:42 AM  
So in addition to a 911 fee there needs to be a "making 911 actually work" fee.
 
TWX
2013-07-19 10:46:43 AM  

Molavian: Shut up, bellhead.  It's not 1980 anymore.


*laugh*

In my opinion, real landline telephone advances from a caller's perspective stopped in the sixties with the introduction of pushbutton dialing and the cordless handset. One picks up the phone, presses some buttons, and if someone picks up at the other end, gets to talk to them. That's about it. It shouldn't matter to the user how their conversation gets from their handset to the other party's handset, over a copper pair, over a trunk cable, over T1, over OC3, or over metro optical ethernet, or over cablemodem VOIP. Doesn't matter.
 
2013-07-19 10:48:22 AM  

Harry Freakstorm: [www.latimes.com image 600x368]

As long as they don't take down our ability to monitor infomercials (lower right) and food commercials (lower left), we'll be okay.


A man has got to eat.
 
2013-07-19 10:49:14 AM  
Let me revise this further. If whomever administers that VoIP network had even the slightest clue how to set up and secure a simplified VoIP solution this would never be an issue. Inbound calls to through an SBC or perhaps directly to the SIP server should be communicating via SSL for starters, sharing a key between them. Not identified? Fark you, you can't establish the session and it's dropped on the floor. Farking secure proxies are also integral in guaranteeing call integrity.

How the hell do the wireless carriers manage to implement VoIP over their massive networks without problems? Oh wait, I know...they know what they're doing.
 
2013-07-19 10:50:46 AM  
"someone expires due to an attack," says the network security geek.

Cookies expire, asshole; people DIE!
 
2013-07-19 10:55:07 AM  

TWX: It all depends on how the network administrator configures the network, and where the use of IP comes in to play.

If the service connect from the telephone company is on a private network rather than the Internet, and if it separately routes into the existing organization's network, and if the network engineers have QoSed the network to give proper priority to IP telephony, then it shouldn't really be too much of a problem.

If they use the same connection to the world that their public face on the Internet uses and just route the traffic in, or if their gateway information to the public Internet is made known, then certainly there's room for problems.

There are all sorts of other issues with IP telephony, so this is fairly low on my list. I'm much more worried about power outages taking down telecom closets and the switches needed to run the phones, so suddenly in a power outage one cannot call emergency services. a POTS line or an internal phone system that works like a POTS line where the entire building's phone system runs off of a single battery bank or generator reduces the number of points of failure and increases overall reliability. Copper ethernet is limited to 300' lengths, so one has to have telecom closets for local distribution, while regular telephones can go thousands of feet over copper, allowing all cables to run back to one central location in a building or campus.


Do you know why ethernet is "limited" to three hundred feet? Hint: it's not.
 
2013-07-19 10:55:33 AM  

Enormous-Schwanstucker: Sounds like they did a little IP trolling, found their SIP gateway IP sitting WIDE FARKING OPEN, on port 5060/61 and exploited their insecure network.


Morans. They deserve to have it compromised.


Yeah, the probably had breakable glass windows too, should have been robbed!
 
2013-07-19 10:56:32 AM  

TWX: It all depends on how the network administrator configures the network, and where the use of IP comes in to play.

If the service connect from the telephone company is on a private network rather than the Internet, and if it separately routes into the existing organization's network, and if the network engineers have QoSed the network to give proper priority to IP telephony, then it shouldn't really be too much of a problem.

If they use the same connection to the world that their public face on the Internet uses and just route the traffic in, or if their gateway information to the public Internet is made known, then certainly there's room for problems.

There are all sorts of other issues with IP telephony, so this is fairly low on my list. I'm much more worried about power outages taking down telecom closets and the switches needed to run the phones, so suddenly in a power outage one cannot call emergency services. a POTS line or an internal phone system that works like a POTS line where the entire building's phone system runs off of a single battery bank or generator reduces the number of points of failure and increases overall reliability. Copper ethernet is limited to 300' lengths, so one has to have telecom closets for local distribution, while regular telephones can go thousands of feet over copper, allowing all cables to run back to one central location in a building or campus.


No, it all depends on if they even bothered spending money on an actual admin or just went the cheapest contract route they could find.

/You confused technical accuracy for normal business practice.
 
TWX
2013-07-19 10:58:40 AM  

Valiente: Last week, power due to flooding took out Toronto's downtown grid for several hours, after which we enjoyed a series of "rolling blackouts". I took my old and slightly crackly Northern Telecom pushbutton desk phone (circa 1975, I'm guessing) and unplugged the cordless, shut off the cell phones (reception was badly degraded...not dead, but "one bar" in a place where it's nearly impossible NOT to see a cel tower or brackets hanging off buildings), and enjoyed the nice, 48 VDC-powered dial tone.

My son had no clue that the landline system had a separate power source and (usually) would continue to work when the domestic electricity grid was down.

So count me as a continuing fan of landlines. My tenants have only cellphones. A lot of people have "cut the cord" like that's a good thing.


I'm actually on the lookout for Western Electric 2554 wall-mount touchtone phones. There are four places for wall phones in my house and workshop, and while the previous owners left the trimline phones, I just don't like them as much as the 500-series handset. (I even bought a 500-series-lookalike handset for my cellphone, but that's another story) I already have a handful of 2500 tabletop phones for the relevant locations.

I especially wanted the 2554 for the workshop, as sometimes I have to answer the phone when my hands are covered in grease from working on the car, and since the handset doesn't have any moving parts it's much easier to clean if needed.

Sometimes I think that deregulation spurred on the consumer cell phone because of the poor quality of cheap post-deregulation phones. My folks had some really crappy trimline-copies when I was a kid, including one with a ringer so poorly designed that if someone was on a different phone in the house, the conversation was barely audible out of the ringer with the phone on-hook. With such terrible landline handsets becoming so common it made a cell phone even more attractive, at least the crappy call quality can be blamed on radio...
 
2013-07-19 11:04:14 AM  

Enormous-Schwanstucker: Sounds like they did a little IP trolling, found their SIP gateway IP sitting WIDE FARKING OPEN, on port 5060/61 and exploited their insecure network.


Morans. They deserve to have it compromised.


Look, if this was just a function of making IT guys look like asses, I'd be onboard, but you're talking about endangering real people's lives to do it, and I think that should send people to jail for a very very long time.
 
2013-07-19 11:04:49 AM  

Harry Freakstorm: [www.latimes.com image 600x368]

As long as they don't take down our ability to monitor infomercials (lower right) and food commercials (lower left), we'll be okay.


i36.photobucket.com
 
2013-07-19 11:04:58 AM  

Harry Freakstorm: [www.latimes.com image 600x368]



Why would you post that?!? They'll see everything! They'll see the big board!
 
TWX
2013-07-19 11:07:45 AM  

UsikFark: Do you know why ethernet is "limited" to three hundred feet? Hint: it's not.


Ever try getting a gigabit over Cat5e connection to reliably work in excess of 350'? It probably won't...

We routinely connect users at 600' over 10BaseT because some idiot years ago didn't follow the spec and ran cables that long. We sometimes get 100BaseTX to come up at 400', but it generally doesn't work over longer distances. Gigabit really struggles over 350'. Even gigabit over single-mode OM1 fiber has issues over 1000' and requires mode-conditioning cables and LX transceivers to make it work.

That standard, as annoyingly limited as it is, seems to be there for a reason.
 
2013-07-19 11:07:52 AM  

Livingroom: Headline implies 911 is on IRC now... Can just see irc.efnet.net channel #911...

"Sorry, we cannot dispatch an officer to help you- you're not registered with NickServ."


EFnet technically doesn't have nickserv ;)
 
TWX
2013-07-19 11:09:14 AM  

BigNumber12: Harry Freakstorm: [www.latimes.com image 600x368]


Why would you post that?!? They'll see everything! They'll see the big board!


This clumsy fool tried to plant that ridiculous camera on me!

/wishing they'd left the foodfight scene in
 
2013-07-19 11:11:41 AM  

Carousel Beast: No, it all depends on if they even bothered spending money on an actual admin or just went the cheapest contract route they could find.

/You confused technical accuracy for normal business practice.


i220.photobucket.com
 
2013-07-19 11:14:55 AM  

firefly212: Enormous-Schwanstucker: Sounds like they did a little IP trolling, found their SIP gateway IP sitting WIDE FARKING OPEN, on port 5060/61 and exploited their insecure network.


Morans. They deserve to have it compromised.

Look, if this was just a function of making IT guys look like asses, I'd be onboard, but you're talking about endangering real people's lives to do it, and I think that should send people to jail for a very very long time.



Agreed. But sadly sometimes you need something like this to illustrate how badly a system is managed. It would be nice to see someone locked up for this but I doubt they will catch them.
 
2013-07-19 11:18:11 AM  
I have to wonder what would is IS most likely even more upsetting is this was most likely done from another country where most of our phone services jobs help has been sent, so they have the access to do this. This also makes it close to impossible to trace or prosecute.
 
TWX
2013-07-19 11:20:42 AM  

Carousel Beast:
No, it all depends on if they even bothered spending money on an actual admin or just went the cheapest contract route they could find.

/You confused technical accuracy for normal business practice.


I wish that we could blame it on being the cheapest route. It's more like, who has the most-likeable salespeople and can make the most empty promises?
 
2013-07-19 11:25:29 AM  

Molavian: Carousel Beast: No, it all depends on if they even bothered spending money on an actual admin or just went the cheapest contract route they could find.

/You confused technical accuracy for normal business practice.

[i220.photobucket.com image 266x319]


Oh, I'm not trying to show anyone up, and TWX was perfectly reasonable. I'm just injecting a bit of (depressing) realism into it.
 
2013-07-19 11:33:26 AM  

Enormous-Schwanstucker: Sounds like they did a little IP trolling, found their SIP gateway IP sitting WIDE FARKING OPEN, on port 5060/61 and exploited their insecure network.


Morans. They deserve to have it compromised.


In all fairness, that's like saying "the firefighters left their truck unguarded for a minute. They deserved to have all their hoses box-cuttered, the morans!"

Exploits on your Minecraft server have no consequences save for making 11 year olds unhappy. Reaming out the 911 network can kill people.  Because the net admin was sub-par merits the pointing out to the owners of the network where and in what sense they are vulnerable...not just a takedown "because you can".
 
2013-07-19 11:44:03 AM  

UsikFark: TWX: It all depends on how the network administrator configures the network, and where the use of IP comes in to play.

If the service connect from the telephone company is on a private network rather than the Internet, and if it separately routes into the existing organization's network, and if the network engineers have QoSed the network to give proper priority to IP telephony, then it shouldn't really be too much of a problem.

If they use the same connection to the world that their public face on the Internet uses and just route the traffic in, or if their gateway information to the public Internet is made known, then certainly there's room for problems.

There are all sorts of other issues with IP telephony, so this is fairly low on my list. I'm much more worried about power outages taking down telecom closets and the switches needed to run the phones, so suddenly in a power outage one cannot call emergency services. a POTS line or an internal phone system that works like a POTS line where the entire building's phone system runs off of a single battery bank or generator reduces the number of points of failure and increases overall reliability. Copper ethernet is limited to 300' lengths, so one has to have telecom closets for local distribution, while regular telephones can go thousands of feet over copper, allowing all cables to run back to one central location in a building or campus.

Do you know why ethernet is "limited" to three hundred feet? Hint: it's not.


Well, "to sell more Cat 5e and 6", for starters, but I imagine induction comes into the mix at some point. Off-topic: This is of interest to me because I'm networking a steel boat with Ethernet as opposed to NMEA 2000, Seatalk or the other proprietary, and exceedingly expensive, solutions.
 
2013-07-19 11:45:59 AM  

TWX:  I'm much more worried about power outages taking down telecom closets and the switches needed to run the phones, so suddenly in a power outage one cannot call emergency services.


All that hardware is supposed to have at least 24 hours of backup battery power
 
2013-07-19 11:46:48 AM  

Enormous-Schwanstucker: Sounds like they did a little IP trolling, found their SIP gateway IP sitting WIDE FARKING OPEN, on port 5060/61 and exploited their insecure network.


Morans. They deserve to have it compromised.


Especially those lame-o's who had an emergency and had to call 911. Fark those losers.
 
2013-07-19 11:48:00 AM  

Valiente: In all fairness, that's like saying "the firefighters left their truck unguarded for a minute. They deserved to have all their hoses box-cuttered, the morans!"


Or, more accurately: "Those firefighters didn't bother to arm themselves before they went out on a call. They totally deserved to be kidnapped and held for ransom."

The cases mentioned in the article aren't some sort of noble white-hats out to further the public good. They aren't highlighting weak national defense systems that would be obvious targets for the Chinese or Russians. They're greedy parasites trying to make a few dollars by attacking some of the most sacred pillars of civilization. Fark 'em.
 
2013-07-19 11:53:54 AM  
TWX: Sometimes I think that deregulation spurred on the consumer cell phone because of the poor quality of cheap post-deregulation phones. My folks had some really crappy trimline-copies when I was a kid, including one with a ringer so poorly designed that if someone was on a different phone in the house, the conversation was barely audible out of the ringer with the phone on-hook. With such terrible landline handsets becoming so common it made a cell phone even more attractive, at least the crappy call quality can be blamed on radio...

I tend to agree. My push-button desk phone is ridiculously solid and seems impervious to damage from countless two- and three-foot falls. My floor, less so. By contrast, I have a laundry basket of '80s and '90s wired handsets that are garbage, and yet from which my late parents couldn't part, due to that scanvenger, war-drive mentality of people born in the '30s and '40s.

If I could find something like a 2554, I would do the same and for the same reasons. There are models with pots in the handgrip for loud work environments. One in the garage makes considerably more sense than a cell phone involving me trying to hit a tiny button while wearing welder's gloves.
 
2013-07-19 11:55:48 AM  

TWX: Carousel Beast:
No, it all depends on if they even bothered spending money on an actual admin or just went the cheapest contract route they could find.

/You confused technical accuracy for normal business practice.

I wish that we could blame it on being the cheapest route. It's more like, who has the most-likeable salespeople and can make the most empty promises?


Don't bring politics and religion and sex into this.
 
2013-07-19 12:16:41 PM  
The NSA, of course, can't be bothered with issues like this, not when they're spending billions of taxpayer dollars on spying on Americans instead of protecting national security.
 
2013-07-19 12:18:25 PM  
IANATE but w.r.t. POTS, isn't it likely that in the coming years that VOIP ends up being used by the Telco upstream of your POT, negating the benefits of POTS?

A few years ago a large windstorm took out power to my town for about a week. Internet was out immediately and eventually we lost cell service as well. Somehow I survived. The only threat was boredom, really. Now I have a generator so I would be able to watch movies and play xbox (aka the essentials of life).
 
2013-07-19 12:23:54 PM  
I should think this deserved the OBVIOUS tag more than SCARY.
 
2013-07-19 12:26:59 PM  

firefly212: The NSA, of course, can't be bothered with issues like this, not when they're spending billions of taxpayer dollars on spying on Americans instead of protecting national security.


Be very, very careful what you wish for. How would the gubmint protect us from this sort of attack? By having the ability to monitor every bit of data on the internet *and* the ability to selectively shut stuff down. You do not want that.
 
2013-07-19 12:34:04 PM  
I bet they wished they kept Copper Lines in there now!!!!  HAHA!1!!11

www.broadreachnetworks.com
 
2013-07-19 01:44:55 PM  

Livingroom: Headline implies 911 is on IRC now... Can just see irc.efnet.net channel #911...

"Sorry, we cannot dispatch an officer to help you- you're not registered with NickServ."


But efnet doesn't have nickserv... >.>
 
2013-07-19 02:52:13 PM  
UsikFark:
Do you know why ethernet is "limited" to three hundred feet? Hint: it's not.

The spec for Ethernet over UTP is 100 meters, not 300', but that's splitting hairs.  If you need more distance than that, optical Ethernet is easy enough to use, instead.
 
2013-07-19 05:32:30 PM  
CONNEC^M^M^MNO CARRIER
 
2013-07-19 09:35:29 PM  
As someone who just had to set-up ROIP between my e911 Center and two Ambulance services, the primary/backup order goes ROIP (secured with backup), radio towers (with available backup), land-lines (can be switched to next county) , cell phones (county then personal if needed) and if Armageddon comes then onto HAM radios. That's just from a small county setup.

Every month or so we get the bulletin about auto-dialers flooding the land lines. ROIP/VOIP dial of service attacks. The nut who built something to screw with the radio towers. Strangely copied from a press release of some company that just happens to have a solution with a price tag private business would laugh off and always sent by some random secretary and not the people whose job it is to actually watch this stuff.

Not saying deliberate screwing with isn't possible or that it doesn't happen (it obviously does). Just if it does the dispatchers, tech dept, and directors keep on going rather than call the loved ones in tears and tell them to get out of dodge before eating the flesh off co-workers faces and going feral.

Truly smaller depts. still have county switch over or cell phones etc.

"For nearly two days in March, ambulances and patients' families calling the San Diego hospital heard nothing but busy signals."

Or for two days ambulances had to use the backup systems and family either had to go farking visit folks or call another family member direct to find out status. If not more than just the tech dept. needs fired.
 
Displayed 45 of 45 comments

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »
On Twitter





In Other Media


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report