[VoiceOps] SS7

Mary Lou Carey marylou at backuptelecom.com
Fri Apr 22 10:13:34 EDT 2016


If you just want to route traffic to the PSTN network and you don't want to deal
with getting SS7 links, there are several large carriers that will provide a
host switch product. It's a cheaper way to go initially for those who don't
deliver tons of traffic to the PSTN. Right now it is only available in Verizon
territories as far as I know, but as soon as the process for the new
Interconnected VOIP carriers is established, you should be able to do it in any
major ILEC/RBOC area. Just a thought for those who don't want to put all the
money into becoming a full-fledged facilities-based CLEC.
 
Mary Lou Carey
BackUP Telecom Consulting
Marylou at backuptelecom.com
Office: 615-791-9969
Cell: 615-796-1111

> On April 21, 2016 at 5:35 PM Kidd Filby <kiddfilby at gmail.com> wrote:
> 
>  I purposely didn't even start down that road.  But, Yes, they most certainly
> could, and for the most part would be easier.  All of the same info rides the
> SigTran deployment as an SS7 A/E/F-Link, plus possibly more.... depending on
> what type of messaging you're talking about.  However, it also lacks voice
> content, like the SS7 network.
> 
>  Kidd
> 
>  On Thu, Apr 21, 2016 at 4:27 PM, Jared Geiger <jared at compuwizz.net
> <mailto:jared at compuwizz.net> > wrote:
>    > >    I haven't used SS7 in the voice world, only touched briefly on the
>    > > messaging side of it. Would hackers be able to do the same similar
>    > > attack via SIGTRAN? I would think it would be easier to get access to a
>    > > poorly managed SIGTRAN device which would then give you SS7 access.
> >     
> >    Or even an Asterisk box running SS7 trunks.
> > 
> >    On Thu, Apr 21, 2016 at 1:00 PM, Dan York <dyork at lodestar2.com
> > <mailto:dyork at lodestar2.com> > wrote:
> >      > > >      Joseph,
> > >       
> > >      I noticed that in Gmail (and perhaps other email systems), the longer
> > > reply I wrote for Kidd was hidden because it appeared after his text.
> > >  Here's what I wrote...
> > >       
> > >      what's fascinating is the recent rise in end-to-end (e2e) encryption
> > > among IP-based communications platforms that include voice.
> > >       
> > >      WhatsApp, for instance, just completed the rollout of e2e encryption
> > > on April 5, and not just for messaging, but also for voice and video calls
> > > as well as file transfers (
> > > https://blog.whatsapp.com/10000618/end-to-end-encryption ).  Just
> > > yesterday the team behind Viber announced that they will soon have e2e
> > > encryption for all clients.  The app Wire ( http://wire.com ) also does
> > > e2e encryption for voice, video and group chats.
> > >       
> > >      In a US Congress hearing this week, a Congressman asked a Dept of
> > > Homeland Security representative if e2e encryption available in apps would
> > > have prevented this interception that happened via SS7. The DHS answer was
> > > that it would mitigate the interception of the content, although the
> > > location meta-data would still be available.  (You can view the exchange
> > > via the link in this tweet:
> > > https://twitter.com/csoghoian/status/722854012567969794 )
> > >       
> > >      The end result is that we're definitely moving to a space where the
> > > communication over IP-based solutions will wind up being far more secure
> > > than what we had before.
> > >       
> > >      Interesting times,
> > >      Dan
> > > 
> > >      On Thu, Apr 21, 2016 at 3:45 PM, Joseph Jackson
> > > <jjackson at aninetworks.net <mailto:jjackson at aninetworks.net> > wrote:
> > >        > > > > 
> > > >        I don’t know many places that encrypt their voice traffic. 
> > > > 
> > > >         
> > > > 
> > > >         
> > > > 
> > > >         
> > > > 
> > > >        From: VoiceOps [mailto:voiceops-bounces at voiceops.org
> > > > <mailto:voiceops-bounces at voiceops.org> ] On Behalf Of Dan York
> > > >        Sent: Thursday, April 21, 2016 2:45 PM
> > > >        To: Kidd Filby
> > > >        Cc: voiceops at voiceops.org <mailto:voiceops at voiceops.org>
> > > >        Subject: Re: [VoiceOps] SS7
> > > > 
> > > >         
> > > > 
> > > >        This is generally true if the calls are *unencrypted* on VoIP... 
> > > > 
> > > >         
> > > > 
> > > >        On Thu, Apr 21, 2016 at 2:20 PM, Kidd Filby <kiddfilby at gmail.com
> > > > <mailto:kiddfilby at gmail.com> > wrote:
> > > > 
> > > >         
> > > > 
> > > >        Also folks, don't forget, the same outcome of recording someone's
> > > > call is MUCH easier to accomplish once it is VoIP.  IMHO, of course.
> > > >  ;-)
> > > > 
> > > >         
> > > > 
> > > >        ... BUT... what's fascinating is the recent rise in end-to-end
> > > > (e2e) encryption among IP-based communications platforms that include
> > > > voice.
> > > > 
> > > >         
> > > > 
> > > >        WhatsApp, for instance, just completed the rollout of e2e
> > > > encryption on April 5, and not just for messaging, but also for voice
> > > > and video calls as well as file transfers (
> > > > https://blog.whatsapp.com/10000618/end-to-end-encryption ).  Just
> > > > yesterday the team behind Viber announced that they will soon have e2e
> > > > encryption for all clients.  The app Wire ( http://wire.com ) also does
> > > > e2e encryption for voice, video and group chats.
> > > > 
> > > >         
> > > > 
> > > >        In a US Congress hearing this week, a Congressman asked a Dept of
> > > > Homeland Security representative if e2e encryption available in apps
> > > > would have prevented this interception that happened via SS7. The DHS
> > > > answer was that it would mitigate the interception of the content,
> > > > although the location meta-data would still be available.  (You can view
> > > > the exchange via the link in this tweet:
> > > > https://twitter.com/csoghoian/status/722854012567969794 )
> > > > 
> > > >         
> > > > 
> > > >        The end result is that we're definitely moving to a space where
> > > > the communication over IP-based solutions will wind up being far more
> > > > secure than what we had before.
> > > > 
> > > >         
> > > > 
> > > >        Interesting times,
> > > > 
> > > >        Dan
> > > > 
> > > >         
> > > > 
> > > >        --
> > > > 
> > > >         
> > > > 
> > > >        Dan York
> > > > 
> > > >        dyork at lodestar2.com <mailto:dyork at lodestar2.com>
> > > >   +1-802-735-1624   Skype:danyork
> > > > 
> > > >        My writing -> http://www.danyork.me/
> > > > 
> > > >        http://www.danyork.com/ <http://www.danyork.com/>
> > > > 
> > > >        http://twitter.com/danyork <http://twitter.com/danyork>
> > > > 
> > > >      > > > 
> > > 
> > >       
> > >      --
> > >       
> > >      Dan York
> > >      dyork at lodestar2.com <mailto:dyork at lodestar2.com>   +1-802-735-1624
> > >   Skype:danyork
> > >      My writing -> http://www.danyork.me/
> > >      http://www.danyork.com/
> > >      http://<http://twitter.com/danyork>
> > >      _______________________________________________
> > >      VoiceOps mailing list
> > >      VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>
> > >      https://puck.nether.net/mailman/listinfo/voiceops
> > > 
> > >    > > 
> >    _______________________________________________
> >    VoiceOps mailing list
> >    VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>
> >    https://puck.nether.net/mailman/listinfo/voiceops
> >  > 
> 
> 
>  --
>  Kidd Filby
>  661.557.5640 (C)
>  http://www.linkedin.com/in/kiddfilby
>  _______________________________________________
>  VoiceOps mailing list
>  VoiceOps at voiceops.org
>  https://puck.nether.net/mailman/listinfo/voiceops
> 

 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20160422/c2a99b02/attachment-0001.html>


More information about the VoiceOps mailing list