[HN Gopher] 5G: The outsourced elephant in the room
___________________________________________________________________
5G: The outsourced elephant in the room
Author : sam_lowry_
Score : 481 points
Date : 2021-04-17 10:07 UTC (12 hours ago)
(HTM) web link (berthub.eu)
(TXT) w3m dump (berthub.eu)
| carlosf wrote:
| > In a modern telecommunications service provider, new equipment
| is deployed, configured, maintained and often financed by the
| vendor. Just to let that sink in, Huawei (and their close
| partners) already run and directly operate the mobile
| telecommunication infrastructure for over 100 million European
| subscribers.
|
| > The host service provider often has no detailed insight in what
| is going on, and would have a hard time figuring this out through
| their remaining staff. Rampant outsourcing has meant that most
| local expertise has also left the company, willingly or
| unwillingly.
|
| 100% reflects my experience working in Huawei BR a few years ago.
| Carriers are mostly customer facing companies and very limited
| technically.
|
| Our customer (million + subscribers BR carrier) often hadn't the
| slightest idea how their own network was built and worked.
|
| Banning Huawei is absolutely impossible, at least in Brazil.
| krona wrote:
| This aligns with my experience working at IBM. I knew Vodafone
| was a big customer, but I found the extent of that relationship
| peculiar; in presentations given by senior engineers it came
| across that IBM seemed to be running the core parts of their
| network. That can sometimes mean Vodafone engineers are barely
| allowed to touch anything without an IBM contractor on site. It
| got me thinking; who and what is really running these telecom
| networks and are they not much more than a branding exercise.
| Spooky23 wrote:
| Which is hilarious, as IBM outsources its own network to at
| least two entities as well.
|
| The IBM guy is probably connecting to Vodafone through some
| AT&T managed tunnel.
| pram wrote:
| If you've worked at an MSP, you realize this is the case with a
| lot of companies. I worked on the infra of a pretty major
| publisher and their full time staff literally didn't know
| anything about their platform. All the websites had been
| written by contractors, and then the maintenance was handled by
| us. It's actually insane.
| kazen44 wrote:
| Bert Hubert has another great article that is referenced[0]
|
| [0]https://berthub.eu/articles/posts/how-tech-loses-out/
|
| This article hits the nail on its head, and I can see it
| happening all around us, not only in the telecom/tech world.
| Boeing is a prime example for instance, but also the general
| death of manufacturing in the western world has resulted in
| this.
| wil421 wrote:
| I worked with Vodafone and AT&T for projects in Europe. It was
| a large company that did some work with SDNs and was an MSP.
| Can confirm the endless chain of subcontractors when dealing
| with large Telcos.
|
| Europe in general has a fetish with subcontracting IT to the
| point where only the contractors can do it. Sometimes it's the
| contractor's contractor's contractor who is the only one who
| can do anything.
| kazen44 wrote:
| this fetishization of contracting everything out to
| subcontractors has to do with the fact that most business
| schools teach one principle and one principle only. risk
| taking is a sin that will hurt your bottom line.
| subcontracting delegates that risk to someone else while
| leaving your company with little to no real staff that can do
| the innovation.
|
| in the short term this does not matter, because the company
| stays profitable, but long term this is resulting in a system
| in which no one has complete ownership and responsibility of
| their systems, which makes doing changes and innovating
| nearly impossible.
| wil421 wrote:
| The US doesn't do it quite as much. I was shocked how much
| some of the larger known European telcos and companies
| contract out. As in the entirety of their networking and
| most of their IT functions were outside.
| whimsicalism wrote:
| The US does it quite a bit. I think it depends on what
| sort of company you're working in.
|
| For instance, when I worked in US govt, best as I could
| tell all the real work was done by contractors and the
| govt employees sat around on their asses all day.
| mindentropy wrote:
| I have seen many European companies love big monopolistic
| giants like IBM or Microsoft. There is literally no respect
| for smaller innovative companies.
| mindentropy wrote:
| I was shocked when I saw one of the Big Medical companies in
| Europe outsource almost every single thing.
|
| Headquartered in Switzerland, its German office was mainly
| just Product managers writing requirements. Most of them
| would do endless paper work and all technical work is
| outsourced to multiple contractors. One of the requirements
| of the Product managers was to handle all these contractors
| so that things run smoothly. Many of the product managers had
| PhD degrees or Masters doing this nonsense. Finally they
| wonder why the cost of their products is so high.
|
| I have noticed that it is better in the United States where a
| lot of medical companies have a lot of in house technical
| experience.
| g_p wrote:
| This is more common than many think.
|
| Once a managed provider steps in, they want to "own" the
| configuration. You end up with the operator itself actually
| having to raise tickets with the MSP to change things on their
| own network.
|
| All this becomes a huge issue if there's a major outage, as the
| MSP might not have enough access to actually get in and do
| anything.
|
| Most telecoms networks are run (to some significant extent) by
| a managed service provider, in my experience. When O2 UK had a
| major core outage due to an Ericsson certificate expiry inside
| the core, it wasn't O2 engineers that found and fixed the
| issue; it was Ericsson engineers.
|
| The margins as an operator don't make it easy to keep around
| the deep technical skills to be an expert in the network you
| own.
| johnchristopher wrote:
| > You end up with the operator itself actually having to
| raise tickets with the MSP to change things on their own
| network.
|
| Once, I found out a contractor was so used to opening and
| closing tickets for themselves that they were actually gaming
| the system and using it as a way to correct payments for
| their services. Each payment went through at least two
| accounting services and yet it worked. Interesting
| discussions followed :-). They are still there.
| taurath wrote:
| Operator margins in the US are enough to pay billions for
| media companies, at least. But maybe more competition is
| allowed in Europe.
| g_p wrote:
| There's definitely a "side of the pond" aspect to this - US
| operators pay for media companies, but they likely do so to
| raise their margins, and I presume they're borrowing the
| funds from institutional investors to do this, rather than
| bootstrapping their acquisitions with profits.
|
| In Europe you'll likely see far lower per-user pricing due
| to competition. You'll typically have 3 or 4 operators with
| physical networks, and a number of virtual operators
| providing white labelled service over the underlying
| networks.
|
| A standard target ARPU (average revenue per user) would
| probably be around 15 GBP per user per month. You'll likely
| get to that via contract users who you try to get on 22 GBP
| per month or thereabouts, and pay as you go users whose
| ARPU is far lower (maybe 8 or 10?)
|
| Compared with the US, consumer prices paid are incredibly
| cheap - expect unlimited calls and SMS, and many gigabytes
| of data. If you shop around you'll get even cheaper still.
| In the UK you'd be able to get unlimited 4G or 5G data for
| 25 GBP per month.
|
| Clearly the US has a much larger geography to cover, but
| there's definitely more competition leading to downward
| price pressure in Europe, in my view.
| sbarre wrote:
| Canada's average ARPU for mobile customers is like 60-70$
| I think.
| ixfo wrote:
| More than allowed - in the EU at least, telecoms (wireline
| at least) is heavily regulated, and monopoly infrastructure
| providers (i.e. wire owners) are required to provide
| wholesale services and operate on those services for their
| own retail arms. Mobile operators have slightly less
| regulation in the way of competition but there are
| similar requirements for MVNOs etc. So yeah, overall
| margins tend to be smaller and there's healthier
| competition overall, but telecoms is still flush with cash
| in general.
| rcarmo wrote:
| IBM won a major outsourcing contract in the early 2000s for
| Southern Europe (I know, I was there). I can assure you that
| they did not run the network because of a) sheer literal
| incompetence (they did not have the skills, in multiple
| regards) and b) the deal was solely for IT workloads and on an
| exclusive basis, and that did prevent many Vodafone staffers
| from actually fixing the messes IBM created.
|
| (EDS won the northern countries, BTW, and I think things were
| marginally better with them, but either way, things soon
| reverted back to a more flexible arrangement because product
| development was severely hampered and most OpCos ended up
| rebuilding their IT systems)
| rcarmo wrote:
| This is factual information, so why the downvote?
| peter_d_sherman wrote:
| 5G Vs. Starlink
|
| Which will win?
|
| ?
|
| Or, more likely, does the future hold a _coming broadband
| internet connectivity price war?_
|
| ?
|
| And if so...
|
| ...who will be the "last IP address standing"?
|
| ?
| rijoja wrote:
| "Just to let that sink in, Huawei (and their close partners)
| already run and directly operate the mobile telecommunication
| infrastructure for over 100 million European subscribers".
|
| Which providers are using and which are not using Huawei?
| Foivos wrote:
| This is my experience interacting with mobile telcos as well.
|
| Even to get some simple logs from a base station you need to
| either ask an Ericsson engineer or, worse, wait for the Telco
| employee with the relevant knowledge to find time to do it. Telco
| employees with such knowledge are very few compared to the amount
| of workload they have to do, so it is hard to get them to
| dedicate time to help you.
| g_p wrote:
| For background context around telecoms for anyone reading this,
| there is an underlying difference in how telecoms networks are
| designed and architected - in the Telco world, links between
| networks were predicated on trust. Originally, telecoms networks
| were run by national level quasi-government operators, one per
| country. You interconnected with other "known entities".
|
| Even now, you likely have 3, 4 or 5 national mobile operators in
| any one country. They negotiate their own roaming agreements in
| order for you to get roaming access. It's all driven by these
| kinds of relationships predicated on trusting other networks.
|
| In IT, we are rapidly moving towards zero trust (due to the
| internet), but circuit switched (legacy) voice is still all
| designed to be sent over private circuits between operators who
| trust each other.
|
| The legacy protocols (see SS7), used to route calls between
| operators are functional, but also lack access control and
| authentication, as it's assumed only trusted parties are on the
| network and able to use them. Those assumptions are no longer
| valid, and there's a huge challenge in dealing with this - hence
| SMS and call interception and rerouting attacks to steal 2FA
| tokens etc.
| tyingq wrote:
| The recently discussed[1][2] method of hijacking SMS with
| almost zero effort was an eye opener to me. I had thought it
| required social engineering my carrier. Nope, just a $15
| service.
|
| [1] https://news.ycombinator.com/item?id=26469738
|
| [2] https://lucky225.medium.com/its-time-to-stop-using-sms-for-a...
|
| [3] https://krebsonsecurity.com/2021/03/can-we-stop-pretending-s...
|
| Edit...added [3] above. Apparently, it's a $16 service, not
| $15: https://sakari.io/pricing/
| g_p wrote:
| Indeed!
|
| And if you have access to SS7, you can do it without the
| middle-man $15 service!
|
| These systems are really designed for use in a world where
| only trusted actors have any access to the system! That's
| clearly not true with all these third parties exposing
| functionality to the general public!
|
| [1] https://www.ptsecurity.com/upload/ptcom/PT-SS7-AD-Data-Sheet...
| gsich wrote:
| And how to get that?
| g_p wrote:
| It's not a publicly facing service that's on offer, but
| some smaller telcos and sketchy VoIP providers with
| legacy access often re-sell it.
|
| There's some good CCC talks on the subject if it's of
| interest.
| thaumasiotes wrote:
| > And if you have access to SS7, you can do it without the
| middle-man $15 service!
|
| This doesn't really seem to make things any worse. Surely
| it's easier to have $15 than it is to have access to SS7.
| MayeulC wrote:
| Right, but $15 a piece makes it only worth it for
| targeted attacks. Even if it's harder or more expensive
| to get access to SS7, it might become economical to
| attempt MITM on a larger target base once you do.
| myself248 wrote:
| Yeah, but say you want to hijack a million accounts. It's
| easier to have access to SS7 than $15 million.
| thaumasiotes wrote:
| What's the threat model there?
| nine_k wrote:
| Installing a backdoor to a piece of equipment that
| handles SS7, for instance?
| thaumasiotes wrote:
| No, what is the threat model for the agent who wants to
| hijack text messages to a million random phones? Why are
| they doing it?
| walrus01 wrote:
| The funny part about that is the $15 hijack service was
| predicated on the flimsy legal fig leaf of somebody writing
| in an ink signature on a piece of paper and scanning it to
| port a number (term is an LOA, letter of authorization), same
| as I have to do when I port a bunch of DIDs between voip
| providers.
|
| Literally anyone with a printer and a pen can forge any
| signature and have a fairly high degree of success in the
| porting process.
| gumby wrote:
| This same approach (assume only trusted parties) is fundamental
| to SCADA systems (the industrial control protocols for power
| generation, wastewater systems, and other big industrial
| machinery). At best you get a firewall in front of it.
| walrus01 wrote:
| SS7 is not fixable in my opinion. It needs to undergo the
| metaphorical equivalent of being burnt to the ground and having
| its ashes stomped around on a bit.
|
| The further you go into the architecture of the "trust based"
| PSTN, SS7, traditional Telco stuff... The more you will see the
| total lack of modern cryptography, PKIs, zero trust network
| modeling, etc.
|
| I'll admit that my perspective is skewed by working in backbone
| IP network engineering for a mid sized ISP. We occasionally
| have reason to interact with some pstn related stuff. All of
| the real technical innovation, security advances and such have
| been taking place in the ISP world for the past 25 years, not
| the Telco world.
| g_p wrote:
| Indeed, SS7 is based on a whole host of assumptions that just
| can't be relied upon. Since SS7 doesn't even bother to try to
| verify who anyone is (you'd only peer with trustworthy
| people, right?!), it's also very hard to hold anyone
| accountable too. And since the idea of SS7 signalling is that
| it can be forwarded and passed around, it simply needs to be
| replaced by authenticated, access-control validated
| signalling. Then you can at least have some confidence you're
| actually hearing from a network that has a reason to be
| communicating.
|
| Too much of SS7 comes from a world where anyone can do
| anything - there's no legitimate reason in 2021 for an
| arbitrary network to be able to request a user's network
| location and cell ID, but the protocols support it. SS7
| firewalls try to plug the gaps, but ultimately you just
| innovate in how you try to get the network to hand over what
| you want, and eventually you'll find a way the firewall
| doesn't spot. Cat and mouse continues.
|
| Telco networks are "zero trust", just not in the right way(!)
| amaccuish wrote:
| > The more you will see the total lack of modern
| cryptography, PKIs..
|
| Funny you say that as x509 was an ITU standard. But yes, PSTN
| is terribly broken, with mobile bolted on.
| miohtama wrote:
| If the trust issues cannot be fixed on hardware level or on
| base layer, it needs to be fixed on higher levels with more
| prominent and audited protocols. "IP based calls and everyone
| gets a free VPN from their telco"
| bradleyjg wrote:
| > as it's assumed only trusted parties are on the network and
| able to use them. Those assumptions are no longer valid
|
| Why not refuse to peer with networks that peer/sell to bad
| actors? Before we had ML based email filters that kind of "hold
| upstreams responsible" strategy worked pretty well.
| g_p wrote:
| That's one approach, but some operators have SS7 connections
| to unknown providers. And turning off connections is a great
| way to discover that a whole host of services (think Twilio
| etc) suddenly stop working, as they were using some sketchy
| forgotten-about route into the network.
|
| With third party access often "leased" via legitimate-ish
| providers though, it's hard to really do this without cutting
| countries or territories loose. Small countries often have
| operators that give SS7 access, to raise some extra revenue
| they can't get from their (small and population limited)
| subscriber-base.
| bradleyjg wrote:
| It may be callous to say but I think most customers would
| be okay with the trade-off of losing telephone access to
| some small country that decided to monetize access to
| global telephony by selling to spammers and scammers, in
| exchange for not getting those calls.
| rcarmo wrote:
| SS7 is dead except in legacy switches. IMS started rolling out
| in 2004(ish), and replaced most voice switching with SIP, which
| gradually flowed out towards customers.
|
| Most voice installed for the last 10 years is already over IP.
| If it doesn't start in the CPE, then it starts at the curbside
| or lot where a DSLAM or equivalent generate dial tones, pack it
| onto IP packets and send it over a fiber connection.
| est31 wrote:
| Isn't the internet in the same situation, with BGP being
| assumed to be done between trusted parties?
| g_p wrote:
| At transit layer to an extent yes, but with every underlying
| user of the connectivity considering the connection
| compromised, and therefore using their own measures on the
| untrusted link.
|
| Hence IPsec and site to site/road warrior VPN - the
| underlying connectivity is regarded as untrusted by any sane
| user.
|
| In telecoms, anyone on the SS7 network can make a request to
| find a given number, or say the number is available and can
| be reached by routing via their network.
| walrus01 wrote:
| Any reputable and clueful transit provider these days is
| performing automated RPKI validation of the prefixes
| announced to them. In addition to whatever prefix lists might
| be manually set up on a bgp session.
|
| That's only a small piece of the puzzle in network security
| generally, but is sure better than how SS7 works right now.
| rcarmo wrote:
| Most carriers already use PKI for their BGP traffic. It's not
| the Wild West anymore (although of course you'll always find
| some weak link if you backtrack AS announcements far enough)
| darkr wrote:
| Yes, but increasingly traffic is strongly encrypted, with
| users able to exert some level of control over that
| encryption
| pas wrote:
| The first rule of BGP is to filter what you get. Don't just
| blindly accept whatever the peer advertises. The second rule
| is obvious, but for the third there's also a lot of knobs for
| traffic engineering with BGP. And on top of that there's RPKI
| [ https://blog.cloudflare.com/rpki/ ]
|
| I guess all of the big telcos have some homegrown ossified
| hacky "solution" that also serve as a minimal kind of
| "firewall" for SS7. (Basically I imagine that there's a lot
| of hardcoded rules for phone numbers, country codes and
| operators. Sure, they probably are an opposite of a problem
| for national intelligence services, after all it's easier to
| go by unnoticed in the noise, but they at least help with a
| total BGP-like hijack of a whole country code by an
| operator.)
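
Added example, not part of any commenter's post: the route origin validation that walrus01's and pas's comments refer to, following RFC 6811, combined with a manually configured per-session prefix list. The VRP entries, prefixes (documentation ranges), AS numbers and function names are constructed, and the policy of dropping RPKI-invalid routes while accepting not-found ones is an assumption.

```python
"""RPKI route origin validation (RFC 6811) plus a per-session prefix list."""
import ipaddress
from typing import List, NamedTuple, Tuple, Union

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]


class VRP(NamedTuple):
    """Validated ROA payload: 'asn may originate prefix, up to /max_length'."""
    prefix: Network
    max_length: int
    asn: int


def make_vrp(prefix: str, max_length: int, asn: int) -> VRP:
    net = ipaddress.ip_network(prefix)
    if not net.prefixlen <= max_length <= net.max_prefixlen:
        raise ValueError(f"maxLength {max_length} out of range for {net}")
    return VRP(net, max_length, asn)


def covers(outer: Network, inner: Network) -> bool:
    """True if inner is equal to, or a more-specific of, outer."""
    return outer.version == inner.version and inner.subnet_of(outer)


def validate_origin(vrps: List[VRP], prefix: str, origin_asn: int) -> str:
    """Return 'valid', 'invalid' or 'not-found' for one announced route."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for vrp in vrps:
        if not covers(vrp.prefix, route):
            continue
        covered = True  # at least one ROA speaks for this address space
        # AS0 in a ROA means "never originate this"; it can never match.
        if (vrp.asn != 0 and vrp.asn == origin_asn
                and route.prefixlen <= vrp.max_length):
            return "valid"
    # Covered but no VRP matched: wrong origin or too specific.
    return "invalid" if covered else "not-found"


def accept_announcement(vrps: List[VRP], session_prefixes: List[str],
                        prefix: str, origin_asn: int) -> Tuple[bool, str]:
    """Import policy (assumed): prefix list first, then drop RPKI invalids."""
    route = ipaddress.ip_network(prefix)
    allowed = [ipaddress.ip_network(p) for p in session_prefixes]
    if not any(covers(net, route) for net in allowed):
        return False, "not in session prefix list"
    state = validate_origin(vrps, prefix, origin_asn)
    if state == "invalid":
        return False, "RPKI invalid"
    return True, f"RPKI {state}"


# Constructed sample data (documentation prefixes and AS numbers).
SAMPLE_VRPS = [
    make_vrp("192.0.2.0/24", 24, 64496),
    make_vrp("2001:db8::/32", 48, 64498),
    make_vrp("203.0.113.0/24", 24, 0),      # AS0 ROA: must not be routed
]
CUSTOMER_PREFIXES = ["192.0.2.0/24", "198.51.100.0/24"]

if __name__ == "__main__":
    announcements = [
        ("192.0.2.0/24", 64496),     # matches the ROA
        ("192.0.2.0/24", 64511),     # covered, wrong origin
        ("192.0.2.128/25", 64496),   # covered, longer than maxLength
        ("198.51.100.0/24", 64497),  # no ROA at all
        ("2001:db8:1::/48", 64498),  # valid, but not on this session's list
    ]
    for pfx, asn in announcements:
        verdict = accept_announcement(SAMPLE_VRPS, CUSTOMER_PREFIXES, pfx, asn)
        print(f"{pfx:18} AS{asn}: {validate_origin(SAMPLE_VRPS, pfx, asn):9} "
              f"-> {verdict}")
```

A more-specific of a covered prefix comes out invalid unless the ROA's maxLength allows it, which is the case that matters for sub-prefix hijacks.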
| sneak wrote:
| I think RPKI poses a grave danger in terms of censorship.
| Anyone who controls the centralized database of public keys
| to prefixes can instantly and automatically take anyone
| offline, if all other routers refer to them in real-time
| for building route tables.
| g_p wrote:
| Big telcos need to do SS7 filtering and (based on the
| interface they receive the message from) limit what can be
| done. The trouble is that SS7 lacks proper authentication,
| so it's like setting Linux iptables rules only based on the
| interface name - eth0, eth1 etc.
|
| There are product-based SS7 protocol firewalls available
| that try to detect the "patterns" of signalling used to do
| "bad things", and block and report them.
|
| Part of the problem with SS7 is that it's complex, and you
| can't easily restrict who says what - if you port your
| number from Operator A to Operator B, your number prefix
| still sits in A's range, and calls are signalled to
| Operator A. They can then tell you to try Operator B. B may
| then need to tell you the user is roaming and how to reach
| them. But yes, current firewalls leave a lot to be desired!
|
| There's a number of good talks from CCC about SS7 - one is
| https://media.ccc.de/v/31c3_-_6249_-_en_-_saal_1_-_201412271...
| amaccuish wrote:
| > if you port your number from Operator A to Operator B,
| your number prefix still sits in A's range, and calls are
| signalled to Operator A. They can then tell you to try
| Operator B. B may then need to tell you the user is
| roaming and how to reach them. But yes, current firewalls
| leave a lot to be desired!
|
| Not in all networks as far as I'm aware. UK is an
| annoying example of not having a central database of
| ported numbers (with ACQ), where a redirect is set up in
| the old network. I once ported my number in the UK and
| had huge issues receiving international calls or 2FA
| codes, it took me ages to work out and only got it sorted
| by leaving the number entirely and getting a new one.
|
| Otherwise, like here in Germany, it's done with a proper
| database and the call never passes through the old
| network.
| ng55QPSK wrote:
| As far as I understand, there are no operators in Europe
| (maybe UK) anymore that don't run filtering on SS7. btw:
| SS7 is the legacy system and not part of 4G/5G.
| g_p wrote:
| They should all be running filtering, although not all
| filtering is as effective as each other.
|
| As you say, this is the legacy system, but it's still a
| huge problem for them!
| ng55QPSK wrote:
| My colleagues who do intrusion testing (for operators
| e.g.) tell me: We have not seen SS7 attacks in Europe for
| long time. The remaining attack surfaces are in the
| middle-east and north america.
| [deleted]
| g_p wrote:
| That's promising! It's now 5 years ago, but Telenor had a
| fairly big outage caused by malformed SS7 inbound
| signalling. Not sure if there's been anything since, but
| it certainly was an issue relatively recently.
|
| Hopefully with the (slow) move to 4G and IMS calling, we
| can turn the page on SS7 attacks soon.
| foobarian wrote:
| Reminds me of how NIS used to work on LANs. Oh what fun was had
| in college with NFS mounted home directories...
| tguvot wrote:
| I worked for a bunch of years in biggest Israeli company that is
| selling OSS/BSS and related outsourcing services to telecoms
| (those who can afford its solutions), and had some first hand
| experience with them
|
| >Since the early 2000s at least, most billing has been
| outsourced. This works by sending all Call Detail Records (CDRs)
| to a third party, often from Israel or China. A CDR stores who
| called whom and for how long. More data might be attached, for
| example the location of the customer, or where the customer was
| roaming abroad etc.
|
| Don't know about software from China, but the one that we sold
| doesn't send anything back to Israel. There are a lot of rules
| and restrictions upon CDRs and we had a bunch of training with
| regards to it. Everything is running on client site, usually on
| hardware deployed by us at their data centers and managed by
| dedicated team of people who relocate to live next to the client
| in order to provide 24/7 support of the systems on site
|
| >Typical service providers have hundreds of thousands of network
| elements. Surprisingly perhaps, many of these are actually
| maintained manually (!). Thousands of networking engineers labour
| to keep all this infrastructure operating well.
|
| This is a mix of half-truths and lies.
|
| None of the operators have thousands of people to manually
| configure day-to-day network stuff. Operators have rather
| sophisticated automation systems (aka OSS) that deal with
| provision and configuration of everything in their networks. Or
| almost everything. Any given operator whose life span is a decade
| or two today has a boatload of equipment (thousands of different
| types of hardware from same amount of vendors). In many cases
| this equipment was bought and deployed 10 or 20+ years ago.
| Companies that made it do not exist for many years. This hardware
| can't be replaced with anything, because nobody does this type of
| systems anyway. Those systems tend to have proprietary interfaces
| and in many cases can be managed only through Element Manager
| which can be managed only manually through some ancient windows
| or java application.
|
| >Meanwhile, modern large scale internet companies (like Google,
| Netflix, Facebook) have automated all such maintenance.
| Automation in this context means that no configuration states are
| edited manually but instead, entire networks get provisioned and
| configured from central templates.
|
| >With such automation, small teams of engineers can control and
| operate vast networks with relative ease - especially if good use
| is made of continuous integration and real life testing.
|
| I also worked for a while in one of FAANGS. They have it easy:
| all the hardware is modern with nice interfaces. You can
| actually automate it. Also their networks are much-much smaller
| compared to mid-sized telecom, much simpler and much more
| homogeneous. Automation that FAANG I worked for was a joke
| compared to automation systems that run telecom networks. My job
| was near network engineering team and during conversations they
| admitted that what they have is crap. I believe that at one point
| of time they considered to buy telecom level OSS system but
| bailed out because they couldn't get a source code.
| SSLy wrote:
| I work in one of the companies in the business (a competitor on
| some Amdocs' markets), and this person seems to know what
| they're saying.
| not1ofU wrote:
| Related: This white paper was published within the last 2 weeks
| relating to "5G Network Slicing"
|
| Quote from the author: "Currently, the impact on real-world
| applications of this network slicing attack is only limited by
| the number of slices live in 5G networks globally. The risks, if
| this fundamental vulnerability in the design of 5G standards had
| gone undiscovered, are significant. Having brought this to the
| industry's attention through the appropriate forums and
| processes, we are glad to be working with the operator and
| standards communities to highlight this issue and promote best
| practice going forward."
|
| PDF can be downloaded from here:
| https://info.adaptivemobile.com/5g-network-slicing-security
| ksec wrote:
| Probably Off Topic, but may be a chance if anyone within the
| industry might know.
|
| What are the current / proposed patent licensing terms of NR-U;
| finalised and related with 3GPP Rel 16 are going to be? Specific
| to standalone NR-U ( As in MultiFire in 4G. ) which could compete
| with WiFi 6e.
| kanisae wrote:
| In the past I worked at a mid level 4G provider in the US who had
| to deal with the larger providers on a regular basis. I was
| always astounded at how little they knew about their own
| networks.
|
| Regarding the article's statement of providers wanting an
| "all-in-one" solution, I have seen that in person, where management
| forced it, found it was horrible and then gave in and let us
| build the mixed vendor solution that worked well. I've personally
| mixed eNodeBs from 2 different vendors to 3 different vendors'
| SGWs and a different vendor's PGW with no issues.
|
| The "One Throat To Choke" idea doesn't work if your business
| depends on that throat to operate so you end up with the vendor
| calling the shots instead of the business.
| g_p wrote:
| The bigger they are, the harder they fall...
|
| On the whole, the technical standards should allow the kind of
| interoperability you described. That's the kind of fun real-
| world engineering that techies love. The bean-counters don't,
| because it's more devices needing support packages, it's more
| suppliers on the books, and ultimately it's probably (slightly)
| less profit than buying a single box.
|
| I've seen big household name operators in Europe stop even
| pretending they're doing the work, and straight up pass on
| contact details and a mobile number for the person at their
| tier-1 vendor partner, so you can liaise directly with them.
|
| It seems in these "5G" days even more than before, operators
| are retreating into the business of connectivity service, and
| leaving more and more for their vendor partners to do. When
| you're not even hiding the fact to a client that they may as
| well speak directly to the vendor, that says it all(!)
| sgt101 wrote:
| >>The "One Throat To Choke" idea
|
| but it sounds soooooo good in meetings !
| varispeed wrote:
| Isn't outsourcing essentially a tax avoidance? Companies look for
| cheap labour overseas because they don't want to pay local rates,
| which typically include higher tax and cost of adhering to any
| regulations. If a person tried to do this - for example
| outsourced their bank account to tax haven and asked their salary
| to be paid there, the authorities would be all over it. So now
| the fact that companies are not only not hiding the fact they are
| trying to bypass the system, they also are lobbying governments
| to make it easier! I for a second don't believe that there is no
| money under the table involved. Why otherwise politicians would
| choose to funk up the local population to appease a big
| corporation?
|
| Bottom line is that outsourcing should only be possible if it was
| not possible to create a product locally or companies should pay
| any difference in tax locally, so that people who got put out of
| jobs because of this can at least get benefits.
|
| And finally I don't understand why even discussing doing any
| deals with China does not amount to farting in a room.
| cptskippy wrote:
| Outsourcing is done for many reasons. Sometimes companies have
| more projects than staff and outsourcing offers them flexible
| bandwidth. The downside to this approach is that it puts stress
| on staff who have to train or maintain the outsourcer.
| varispeed wrote:
| I would understand outsourcing to countries that value human
| rights, have workers' protections in place and so on. But
| simply going for the cheapest possible option, where you get
| forced labour and children making your product, is simply wrong
| and indefensible. We at least should lobby online and offline
| shops to show country of origin on the labels. I wish I
| could go on Amazon and have the ability to filter out anything
| that comes from China. If you want to buy something
| responsibly it is very time consuming and some manufacturers
| go to great length to hide where their products are really
| made. Those people who exploited labour in Asia now got
| filthy rich and they are in position to shush any politician
| looking to put a stop to this or make sure such filters would
| not be implemented.
| baq wrote:
| > We recently asked a large European service provider why only
| part of their customers get IPv6 service, and how they pick which
| parts do or do not get such service. They could not tell us, and
| informed us they too would like to know
|
| woah. as a EU citizen, i'm terrified. i wanted to say surprised,
| but after a moment's thought, turns out it's only a moderate
| misalignment of expectations.
| JPLeRouzic wrote:
| I retired in 2012, but at that time my employer had completely
| subcontracted the operation and maintenance of its mobile
| network to Ericsson, Huawei and Nokia. It was in France.
|
| Once I asked for a one day snapshot of all mobile data for a
| cooperative R&D project. The saga went on for months with
| repeated requests at various hierarchical levels, but to no
| avail.
|
| It's not that they refused, but I guess that the guys in charge
| simply were unable to get the requested information from the
| subcontractors.
| iagovar wrote:
| I work for a large EU Telco and I can tell you the inside
| battles to get stuff done are absolutely ridiculous.
|
| Of course I work for a subcontractor too.
| dd_roger wrote:
| I work in OT security in an industry completely unrelated to
| Telecoms but which is also a matter of national security and
| everything in this blog post doesn't really sound believable from
| my experience dealing with sensitive infrastructures. Different
| industries, different countries, etc. I get that things can
| differ a bit, but going from "the infrastructure is airgapped"
| (in my industry) to "the infrastructure is managed remotely by a
| foreign entity" (as claimed by the author) seems too big to be
| true. Not gonna lie, I'm a bit sceptical about the veracity of
| some of these claims.
| Clewza313 wrote:
| > _Since the early 2000s at least, most billing has been
| outsourced. This works by sending all Call Detail Records (CDRs)
| to a third party, often from Israel or China._
|
| This is quite misleadingly written: telcos are not shipping reams
| of CDRs to some cubicle farm in Haifa or Chongqing.
|
| Yes, almost every telco outsources its billing _software_ to
| other companies, notably Amdocs (founded in Israel, now HQ's in
| the US). However, billing info is some of the most sensitive data
| a telco has for both privacy and commercial reasons, so that
| software _always_ runs in a closed environment from where it
| cannot dial home. Historically that's been on-prem, it's slowly
| moving to the Cloud but even there it's going to be firewalled
| off very carefully.
| waheoo wrote:
| Oh yea, super secure, their outsourced security team is all
| over it.
| sgt101 wrote:
| There's a big gap between what happens in the larger telcos
| that run infrastructure, and the white label operators.
| tguvot wrote:
| White label operators can't usually afford Amdocs solution
| from one side. From the other side, Amdocs doesn't have a
| server farm in Israel to do CDR processing :) Everything
| happens either on client premises (and Amdocs can deliver
| end-to-end solution, including buildout of complete
| datacenter if it is required by client) or "in the cloud"
| afarviral wrote:
| Wow ... I read this whole thing thinking it was a human. On a re-
| read I'm wondering what I was thinking. One thing that stands out
| on the account's previous posts is the paragraph lengths are
| quite consistent.
|
| I'm going to have to train my bot senses. I got conned. Any tips?
| Mindlessly reading me is not prepared...
| afarviral wrote:
| Oh dang.. Was trying to reply to ttty comment that got flagged
| as likely not hijacked account. Off topic but interesting.
| monkey_monkey wrote:
| Ah ok, I got terribly confused, because the sam_lowry account
| seemed quite legit!
| afarviral wrote:
| Apologies... But also: question everything. He he.
| commandlinefan wrote:
| Wait, what? Are you suggesting this post is GPT-3 or something?
| Did we read the same article?
|
| Edit: ok, I think you meant to reply to another comment which
| is currently flagged/dead. It looked like you were referring to
| the linked article itself.
| g_p wrote:
| One tell-tale sign I've noticed is sentences that don't go
| anywhere - the last sentence of the first paragraph starts
| going somewhere, then suddenly stops. If we assume people
| communicate for the reason of conveying some meaning, always
| dig for the meaning. If it's not there, it's likely some kind
| of vapid content-less babble...
|
| If you read critically with a view of "what are they actually
| saying?", you tend to spot this fairly quickly. The ending with
| some irrelevant babble gave the game away a bit though.
| afarviral wrote:
| That's an excellent tip. Form an idea of what "they" are
| trying to convey... If it evaporates unexpectedly it might
| not be trying to convey anything...cause it's just an ML
| algo. The trouble is having clarity of thought myself, I
| barely know what point I'm trying to make let alone following
| the precise points of others half the time. These things
| really nail verisimilitude of chatter about an unfamiliar
| topic or of a smarter person, for instance, where you can't
| detect the BS because you assume lack of knowledge.
| g_p wrote:
| There's actually a really interesting field of (serious)
| academic and scientific endeavour into the study of "pseudo
| profound bullshit" - a search for that will find you some
| of the papers available freely online.
|
| It seems that these text generation bots are pretty good,
| as you say, at generating some basic level chatter about a
| topic in a manner that can sound convincing. Somewhat like
| a "talk-show style TV news pundit" can - I'm reminded of
| the various times they're tricked into giving their
| commentary on things that haven't happened yet, and they
| happily (blindly) oblige, because they're more interested
| in being seen to be an expert than in actually having
| something to say.
|
| I think the more confident and critical you are in reading,
| the easier it is to detect the nonsense through internal
| inconsistencies - many of these text generation systems
| really struggle to produce an internally consistent
| argument.
| commandlinefan wrote:
| > Driven by balance-sheet mechanics and consultants
|
| It's not just telcos...
| ng55QPSK wrote:
| Not only by balance-sheet mechanics, there is some politics
| attached. In my work place we're currently discussing moving
| in-house data centers to a cloud-provider. At the first glance
| it looks like at a higher cost (in-house cheaper). Now some
| balance-sheet-makeup sets in.
| [deleted]
| quelsolaar wrote:
| My assumption is that all intelligence services in all countries
| would love to have access to fully compromised networks. They
| spend all their time thinking about how to access information, so
| they would be fairly incompetent not to consider this.
|
| Does that mean that all systems are compromised? No, because
| there are risks associated with tapping in to these systems.
| Partly it depends on if they have access to the systems, but
| mostly on the possible blow-back if they get caught.
|
| Example: Sweden's FRA (NSA equivalent) could in theory ask
| Ericsson (a Swedish company), to install a backdoor. But, Sweden
| has a fairly free press, and there are good chances that someone
| would leak this information. If it got leaked it would be a major
| scandal that could go as far as toppling the government and
| destroy one of Sweden's most important export companies. It's very
| risky, and it's a risk no one wants to take, so the parts made in
| Sweden are probably not compromised.
|
| China, on the other hand has almost no risks associated with
| adding a backdoor. No free press, hard suppression of whistle
| blowers, and since most foreign intelligence services already
| assume the equipment is compromised, there is no real
| reputational damage either. I assume they are all compromised,
| why wouldn't they be?
|
| The US is somewhere in between.
|
| Sometimes companies are compromised by intelligence services, but
| much more often I think it's employees. Why try to change Tim
| Cook's stance on privacy, when all you need to do is find one
| Apple employee, willing to take a sack of money to "do their
| country a great service"?
| sneak wrote:
| > _The US is somewhere in between._
|
| Bart Gellman's book says that Snowden warned him not to be the
| only person in possession of the leaked data prior to
| publication, as the US intelligence community would kill him
| (Gellman) instantly to prevent the publication of the
| information contained therein.
|
| This was the biggest takeaway from the book, for me: the US
| military will assassinate US citizens (journalists!) in the
| middle of New York City without due process or a trial to
| prevent them from carrying out journalism.
|
| We expect this kind of cloak and dagger shit from the CIA, but
| it pays to think about it in clear terms: the US military can
| and will assassinate US citizens engaging in constitutionally
| protected activity in the middle of Manhattan _with no
| consequences whatsoever_.
| afrodc_ wrote:
| Is there proof of this or is this conjecture?
| sneak wrote:
| Two examples we know of of the CIA assassinating Americans
| without trial or consequences:
|
| https://en.wikipedia.org/wiki/Anwar_al-Awlaki
|
| https://en.wikipedia.org/wiki/Abdulrahman_al-Awlaki
|
| The potential murder of Gellman was stated by Snowden, who
| was trained by the CIA, and was stated on more than one
| occasion.
| seppin wrote:
| Killing self-identified enemies in a literal war zone is
| not the constitutional crisis you are implying. And as
| said, a "potential murder" isn't actually anything.
| Unless something happens, it's not something to cite.
| opnitro wrote:
| Also this, which wasn't directly the CIA but by CIA
| backed groups:
| https://en.wikipedia.org/wiki/Orlando_Letelier, a
| political assassination on US soil. (Although not a US
| citizen)
| selectodude wrote:
| That's one heck of a leap to blame on the CIA.
| jayd16 wrote:
| The assertion was "the US military can and will
| assassinate US citizens engaging in constitutionally
| protected activity in the middle of Manhattan."
|
| It really diminishes your point when that is compared to
| an airstrike on foreign soil.
| sneak wrote:
| I don't really think the territorial claim on the land
| where the extrajudicial assassination happens is very
| relevant to the legal fact of the matter.
|
| We don't say that the FSB attempting to execute Skripal
| in a UK shopping mall doesn't count because it was in the
| UK. Murder is murder.
|
| The claim that the IC would assassinate Gellman in New
| York was made by someone who used to be an actual CIA
| operative and went through their training.
| seppin wrote:
| > the US military
|
| You already messed up a few times. The Military has a strict
| chain of command and legal liabilities, such an action would
| be an intelligence operation. Oh, and the US doesn't have a
| domestic spy agency, so that makes it even more difficult of a
| theory.
|
| > Snowden warned him
|
| > the US military can and will assassinate US citizens
| engaging in constitutionally protected activity in the middle
| of Manhattan with no consequences whatsoever.
|
| Yeah not only do I see no precedent, it seems like you are
| basing everything on something one person "said" to another.
| smogcutter wrote:
| Snowden was an IT contractor, how does he know what the "US
| intelligence community" would and wouldn't do?
|
| Not that he's necessarily wrong, but it seems like a leap to
| go from Snowden saying something _he_ believes, to a
| certainty that "the US military can and will assassinate US
| citizens in the middle of manhattan".
| sneak wrote:
| Snowden was trained and directly employed by the CIA in
| 2006 before he changed jobs to working at IC contractor
| companies.
|
| After CIA training, he worked in Geneva under diplomatic
| cover, in 2007 to 2009.
| DyslexicAtheist wrote:
| indeed he was a real prodigy Sharepoint administrator. I
| don't want to diminish the value of what he leaked but
| it's easy to claim he was aware of all the potential
| butthurt before others pointed it out as things unfolded.
|
| It is much more realistic that what happened was a true
| "Burn after reading moment"
| https://www.youtube.com/watch?v=pabA320p9B0
| sneak wrote:
| I am fairly confident that CIA training for those who are
| going to be living and working under diplomatic cover in
| a foreign country extends well beyond how to wrangle
| Exchange and Sharepoint.
|
| He wrote about some of the things that happened in
| Geneva, I encourage you to read them. Even sysadmins for
| the CIA need to know some stuff about how the game works.
| DyslexicAtheist wrote:
| he was how old when he was in Geneve? 23? Doubt that any
| kind of training made him an experienced operative. He
| was still a kid and hardly the Jason Bourne people make
| him out to be. I'm not saying his leaks didn't provide
| huge value but it is more plausible that he wasn't fully
| aware of all the impact that he claims he had knowledge
| of back then today (or what people attribute him with).
| sneak wrote:
| I don't think someone needs to be Jason Bourne to have
| come to the conclusion in the 73 years of the CIA's
| operational history that they assassinate people who risk
| their large-scale projects' secrecy.
|
| This feels like a strawman to cling to the idea that
| being a US citizen means that the CIA won't assassinate
| you for being inconvenient, which has been literally and
| directly claimed, at least twice, _by someone from the
| actual CIA_.
|
| Indeed, the reason you even know the name Jason Bourne,
| or the reason those movies work, is because of the
| generation-long history and reputation of the US military
| intelligence services to break the law flagrantly in many
| countries with no meaningful consequences. We don't have
| to suspend disbelief to engage with the idea that there
| is a section of government with staff who can kill anyone
| they deem needs killing.
| secondcoming wrote:
| If the Dutch would get Philips to weaken crypto devices [0],
| [1] then it wouldn't surprise me if the Swedes would ask the
| same of Ericsson [2]
|
| [0]
| https://www.vpro.nl/argos/lees/onderwerpen/cryptoleaks/2020/...
|
| [1] https://www.ceesjansen.nl/en/cryptography/
|
| [2]
| https://www.tandfonline.com/doi/full/10.1080/02684527.2020.1...
| rcarmo wrote:
| Nobody needs backdoors when there are quite complete legal
| interception features regulated into core systems. Plus
| everything is IP these days, so tapping a call is trivial. It
| just can't really be done towards outside the telco network
| without anyone noticing, the world isn't a hacker movie...
| marsven_422 wrote:
| "Sweden has a fairly free press"
|
| That's so wrong it hurts! All our press are dependent on
| government "presstod" aka handouts.
| pa7ch wrote:
| Independent and free are not the same thing. You could say
| Sweden's press is free despite its dependence. However, maybe
| the Sweden gov values free press and the press is free via
| this relationship.
| Swenrekcah wrote:
| The press can be free regardless. If the allocations are
| according to some objective metrics then I don't see a
| problem.
| fallingknife wrote:
| If the government has the power to grant money and set
| metrics, it also has the power to take it away, and change
| the metrics. So if you are getting a grant based on
| "objective metrics," it might be a good idea to not piss off
| the people defining them.
| Swenrekcah wrote:
| Of course but that is a move that costs the government
| something in political capital. There are always dangers
| in criticising the powers that be, but I can not see that
| these kinds of press grants are a big problem.
|
| If the country is a democratic one to begin with, the
| grants do more good by insulating the press from
| commercial powers than they do bad in this way, in my
| opinion.
| fallingknife wrote:
| It may well be a good trade off. I'm just pointing out
| that there is never a way to be completely free from
| whoever is paying the bills.
| whatshisface wrote:
| Objective metrics can be as biased as subjective metrics.
| Swenrekcah wrote:
| I disagree.
|
| The complaint was that a grant from the government makes
| the press less free to criticise the government.
|
| If the grant is clearly and legally bound to be
| determined according to a set of objective and publicly
| available metrics I do not see that it would be such a
| big problem.
|
| Of course a vindictive government could do what they can
| to negatively affect the press outlet in question but
| similarly could a supporting public affect them.
|
| In any case it can all be accounted and prepared for as
| long as the process is objective and transparent.
| quelsolaar wrote:
| According to Reporters without borders, Sweden ranks 4th in
| the world, in press freedom. I think that would qualify as
| "fairly free".
|
| https://rsf.org/en/ranking_table
| ng55QPSK wrote:
| Google Ericsson Vodafone Greece.
|
| And for US, google Cloud Act.
| NKosmatos wrote:
| The wiretapping scandal you are referring to is known as "The
| Athens Affair" and has to do with infiltration of Ericsson
| software exchanges by experts on how the software is working.
| Vodafone is/was the one to blame here and it wasn't a fault
| of the software provided by Ericsson. More info here:
| https://spectrum.ieee.org/telecom/security/the-athens-affair
| ChrisKnott wrote:
| The CLOUD Act is a mechanism for legal authorities to compel
| companies to produce data they hold, even if it is stored on
| servers outside the US. I don't think it's fair to
| characterise that as a backdoor.
| the-dude wrote:
| _Airbus to sue over US-German spying row_ [0]
|
| [0] https://www.bbc.com/news/world-europe-32542140
| riazrizvi wrote:
| > Does that mean that all systems are compromised? No, because
| there are risks associated with tapping in to these systems.
| Partly it depends on if they have access to the systems, but
| mostly on the possible blow-back if they get caught.
|
| Isn't it common knowledge that the US and China are spying on
| everyone? The main difference is that China is not a military
| ally, and its government spying, which is unfettered, supports
| its private enterprise that is government financed and owned.
| US govt spying is unfettered. US corporate spying far more
| restricted because US businesses are bound by Federal and State
| laws, and it's not centrally coordinated, instead US businesses
| are autonomous entities. And though US corporate spying on
| customers is rampant, it is also transparently written into
| usage contracts. US corporate spying is obviously for profit,
| and since the US and Europe are strategically tied through
| NATO, it's not on the same threat level. China and its axis
| ally Russia, clearly bump up against the West because our
| political systems are fundamentally opposite, democratic vs
| autocratic.
|
| What this translates to is Chinese investors are aggressively
| running around buying into key strategic businesses, advised by
| data gathering in coordination with its government, with a view
| to maintaining control, which reflects how the country is
| managed itself.
|
| American investors are running around buying/competing against
| business in coordination with data rich parent company
| entities, with a view to making money. But because it's a
| democratic country where laws preserve autonomy even against
| the government, it's a free for all and anyone can play, even
| Chinese owned American companies. Which is a reflection of how
| the US is managed itself.
|
| This is also how Europe is managed, so I do believe Chinese
| control of telcos is a bigger threat to Europe's way of life.
| eunos wrote:
| >China and its axis ally Russia, clearly bump up against the
| West because our political systems are fundamentally
| opposite, democratic vs autocratic.
|
| Laughable considering cordial relationship between US and
| Vietnam. The latter political system is basically a clone of
| China.
| mensetmanusman wrote:
| It's complicated:
| https://www.rand.org/blog/2020/05/reviewing-vietnams-struggl...
| whatshisface wrote:
| > _China and its axis ally Russia, clearly bump up against
| the West because our political systems are fundamentally
| opposite, democratic vs autocratic._
|
| This is a speck of misapprehension that slipped in to your
| otherwise great writeup. Governments don't naturally conflict
| because they have different forms and they don't make
| automatic friends when they are similar. The US is presently
| allied with many autocracies. Middle-aged Europe was
| uniformly feudal, and constantly at war. Pre-WWII America was
| strictly isolationist and despite being a democracy had a
| fairly sized pro-Hitler element. Governments conflict when
| they have something to conflict over.
| buran77 wrote:
| The real reason superpowers clash is that they all want to
| be the dominant but there's only room for one at the top.
| The political or economic systems are absolutely irrelevant
| here. All that matters is what needs to be done to stay the
| dominant superpower. The closer the race, the lower they're
| all going to sink.
|
| US leadership fundamentally doesn't care about human rights
| abuses in China more than Chinese leadership cares about
| abuses against black people in the US. They don't care
| about bringing democracy in a country when their next move
| is to make sure "the right" leader is appointed. They don't
| care about freedom of speech when they can block it as
| needed under any pretense. And they don't care about any of
| the principles they advocate if those principles get in
| their way, they will all happily ally with someone
| embodying the exact thing they're fighting against if it
| serves their interest of maintaining or growing their
| power.
|
| And getting to the point addressed above, they care about
| the image of the company they forced to introduce backdoors
| only as far as they can be punished by the bigger power, or
| if they can't sell it as fighting the terrorists (or scare
| word of the day). Case in point, Sweden and Ericsson
| wouldn't get away with it because their sphere of influence
| is a stone's throw away and the US would crucify them.
| China and Russia can mostly get away with it because their
| influence extends far enough that they have enough of a
| "friendly audience" for which they can sell a story. The US
| can get away with it everywhere else because even if Cisco
| is backdoored through and through, the US is the dominant
| superpower and is able to pressure allies to "see things"
| their way, and they can also sell everything as "the fight
| against ...".
|
| Superpowers see advancing their interests by any means as a
| matter of survival and this takes precedence over anything
| else. They'll do what needs to be done and deal with the
| fallout after. And if you live long enough to move through
| these different regimes you start seeing the pattern
| immediately, only thing that changes is the "feel good"
| story the people are served with.
| anchpop wrote:
| That is definitely true, but I think there's an effect
| where citizens of a democracy are less likely to be willing
| to go to war against another democracy. It would be easy
| for americans to justify war against china, because
| americans value democracy and can say "we're liberating
| them from their oppressive government". (And some segments
| of the chinese population are very oppressed, so it
| wouldn't be wrong.) But it seems less likely that a
| democratic government would oppress a majority of its
| population than an autocracy would, so that justification
| is harder to make
| buran77 wrote:
| > because americans value democracy and can say "we're
| liberating them from their oppressive government"
|
| Most democracies are in general against war for practical
| reasons, wars are a drain away from stuff at home that's
| important for them as people. US citizens may be "less
| likely" to want that but only because recent history has
| saturated them with the justification that the war is
| against regimes with "different values". It's an easy
| sell for people who are never too keen on going beyond
| that. So it would mostly be a matter of repackaging the
| justification. Some democracies can afford both the wars
| and the "moral repackaging" for their citizens.
|
| But people also misunderstand democracy and what it
| means. The fact that the interests of the majority are
| respected might also mean that the minority is suffering
| a great deal. How well are black people's interests
| represented in the US?
|
| On the other hand in democracy you are allowed to give a
| tiny endorsement to a person or party for a leadership
| position in the hope that they will represent your
| interest while others are buying "priority" over you for
| this representation with far more than a vote. You're not
| seeing this as less of a democracy so people are not
| judging political systems based on their actual
| implementation but rather by picking and choosing on
| particular values.
|
| Russia is ostensibly a democracy, albeit one where the
| leadership is somewhat predetermined by a very small
| minority. USA is a democracy albeit one where the
| leadership is somewhat representing the interests of a
| very small minority. I'm sure a war between these two is
| not seen as such a remote possibility in terms of
| people's preference.
| concordDance wrote:
| > How well are black people's interests represented in
| the US?
|
| Reasonably well it would seem from the outside. 11% of
| congress is "black", which is roughly in line with
| population and there seem to be hundreds of laws and
| programs aimed at helping them. And there's also lots of
| media attention to their problems and struggles.
| buran77 wrote:
| > And there's also lots of media attention to their
| problems and struggles.
|
| People treated well don't need lots of media attention to
| remind those treating them well that black lives matter,
| in 2021. I'd say that for a democracy that's a pretty bad
| track record that isn't improving fast enough. Democratic
| majority decisions sometimes leave the minority far
| behind.
| riazrizvi wrote:
| Democracies are less likely to fight because during
| diplomatic talks they can draw on their domestic values
| that are rules on 'how to collaborate without giving up
| autonomy'. Autocratic cultures' most fundamental rule is
| 'who is in charge' and then establishing the hierarchy of
| where everyone else fits. So you are always more likely
| to end up in stalemate or conflict when an autocracy is
| one of the negotiating parties because of a higher
| likelihood they might want to force the issue that they
| are in charge.
| whatshisface wrote:
| > _I think there's an effect where citizens of a
| democracy are less likely to be willing to go to war
| against another democracy._
|
| It's difficult to disentangle that from the unpopularity
| of war. Since democratic regimes are harder to get to do
| things, because you have to convince more than one
| person, the null hypothesis would be that autocratic
| regimes have a higher propensity for belligerence,
| especially in societies predating the invention of
| propaganda.
| inglor_cz wrote:
| From what I read about Nazi Germany, going into all-out
| war with other powers was very unpopular in 1939.
| Ordinary Germans supported Anschluss of Austria or
| Sudetenland, but did not want to risk another big war for
| Poland of all things.
|
| But in a totalitarian regime, consent of the governed did
| not matter much. Expressions of pacifism would land you
| in a concentration camp really quick.
|
| Democracies care a little more about what the average Joe
| thinks, even though they are far from perfect in this
| regard and consent can be sorta-kinda manufactured.
| riazrizvi wrote:
| Well thank you. Yes I should learn to tighten up my
| comments, too many points. It's a whole new discussion here
| that we could get into.
| cratermoon wrote:
| > there are risks associated with tapping in to these systems
|
| Which is why the intelligence services never do the hacking
| themselves. Instead, they buy the data off the "dark web", from
| the hackers who stole and the information brokers who trade
| in it. If they have to do that, that is. In the US at least,
| agencies can just buy data on the open market. Supposedly
| "anonymized", but I'm pretty sure everyone reading this knows
| that protection is flimsy.
| goodpoint wrote:
| Plenty of evidence proves that intelligence services:
|
| - Buy exploits on the market, with the US govt being the
| biggest buyer.
|
| - Buy data off legitimate advertising and intelligence
| companies
|
| - Hire people to find bugdoors
|
| - Hire people to infiltrate all sorts of companies and
| extract information or plant bugdoors
|
| - Convince or coerce companies to plant bugdoors in their own
| products
|
| - Do the hacking themselves, plant hardware backdoors and so
| on
|
| Unsurprisingly, they use all available methods.
| cratermoon wrote:
| OK, I should not have said _never_, but when the option is
| between "we could hack this but if we get caught it would
| be an international diplomatic incident" and "hey there's a
| broker over here with the data for sale", they _do_ buy it.
| DyslexicAtheist wrote:
| this isn't how any of this works. we're talking about ISP's &
| Telco networks not some data-center at FAANG.
|
| - no need for backdoors since Huawei, Ericsson & Nokia are full
| to the brim with bugdoors (Huawei tops the chart here since
| many years already and as anyone involved in Inter-Operability-
| Testing (IOT) at the NEV will confirm).
|
| - no need for "compromising networks" when you have the actual
| vendor (Huawei, Nokia, Ericsson often their subcontractors)
| sitting totally legally in your ISP's network and being paid
| for responding to the alarms raised and escalated by O&M.
|
| - even the attacks against 3/4/5G become academic in the
| discussion of nation state threat actors when they can operate
| and exploit simply as an insider of the system. These
| weaknesses (as outrageous as they are) are useful but it's a
| different threat model
| quelsolaar wrote:
| I don't have any non-public insight as to how intelligence
| agencies operate, so this is pure conjecture on my part:
|
| If I was an intelligence agency in a country where there
| is a risk of blow-back, like in Europe or the US, I might
| prefer to use exploits. That way you haven't compromised your
| own country infrastructure (as much) and the risk of leaks is
| much lower since you don't have to work with an outside
| entity. A government agency forcing a domestic company to add
| backdoors, looks much worse if it gets out, than an agency
| using existing bugs.
|
| If I'm an intelligence agency in a country that doesn't care
| about blow-back like China or Russia, why bother finding and
| using an exploit, when you can call up the vendor and have
| them design the system with your use-case in mind? You don't
| have to worry about someone fixing the bug you have spent man
| years making exploitable, and you can make sure the backdoor
| can only be used by you. It's way more convenient and cost
| effective.
| rocqua wrote:
| > why bother finding and using an exploit, when you can
| call up the vendor and have them design the system with
| your use-case in mind?
|
| China is now suffering from Huawei blowback in quite a few
| western countries.
| quelsolaar wrote:
| True. But not anywhere near as bad as in a western
| country. You don't see Xi Jinping being eviscerated in
| Chinese media, or being forced to testify in front of
| congress. Also telcos don't really care, and will continue
| to buy Huawei equipment if prices are low enough, unless
| governments outright ban them from doing so.
|
| I think Huawei, would have experienced almost the same
| blowback even if they didn't have any backdoor. Western
| intelligence experts, would have advised against using
| Huawei without any evidence of backdoors, simply because
| they know they would have put in backdoors if they were
| in the position of china, and they assume the Chinese
| aren't incompetent.
|
| The blow back also serves a political purpose for
| everyone around. Western politicians/military gets to say
| "We need to protect ourselves against scary China!". And
| China's propaganda machine gets to say "Look at the
| terrible racist west treating us unfairly, by accusing us
| of bad things without evidence!".
| adammenges wrote:
| There's a clear bias in your thinking against the US and for
| Sweden. Any of the points you bring up could equally apply to
| both places, but you come out bring the negative against one
| and the positive against the other.
| 1cvmask wrote:
| Ericsson has sold equipment with backdoors (as have other
| historical Western vendors like Philips Telecommunications) for
| the NSA and CIA.
|
| "There is a root backdoor in the telnetd of Ericssons AXE
| backdoor"
|
| https://www.schneier.com/blog/archives/2006/03/more_on_greek...
|
| https://www.schneier.com/blog/archives/2020/04/another_story...
|
| The article in Dutch on Philips Telecommunications (which became
| Lucent later on):
|
| https://www.volkskrant.nl/nieuws-achtergrond/nederland-luist...
|
| https://www.schneier.com/blog/archives/2007/07/story_of_the_...
|
| https://www.schneier.com/blog/archives/2006/02/phone_tapping...
|
| https://theintercept.com/2015/09/28/death-athens-rogue-nsa-o...
|
| https://www.theguardian.com/commentisfree/2015/sep/30/athens...
|
| and all time favorite:
|
| https://en.wikipedia.org/wiki/Crypto_AG
| quelsolaar wrote:
| I'm aware of a number of backdoors that have been inserted by
| western governments. Linus claims at one point the NSA asked
| him to put in a backdoor in to Linux. The difference is that
| in a free society Linus can go public and that makes it much
| more risky for an intelligence service to try it. It doesn't
| mean it doesn't happen.
|
| The "Back doors" in AXE are a slightly different thing. Many
| countries have laws that say that law enforcement have the
| right to wiretap phone calls under some circumstances. This
| means that telcos want and ask for this feature so that they
| can comply with the law. The telcos are aware of the system's
| capability because they need it to be there. Anyone who reads
| the law can see that the telcos have to facilitate
| wiretapping, but they obviously don't want to advertise it, so
| it's an open secret.
|
| It's quite different if you deliver a solution, with a hidden
| back door that the customer doesn't know about or hasn't asked
| for, for the benefit of the intelligence service in the
| country of manufacturing. Enabling a nation to wiretap
| illegally in countries where they do not have jurisdiction.
| ttty wrote:
| In short, the discussion now is whether European
| telecommunication companies should source equipment from Huawei.
| The worry is that since Chinese companies are heavily influenced
| and often owned (indirectly) by their government (or ruling
| political party), picking Huawei equipment for 5G might be bad
| for us. In the 5G discussion, the assumption is that national,
| large scale telecommunication service providers are currently in
| good (or even full) control of their networks. The idea is that
| these providers (think Vodafone, Deutsche Telekom, Proximus,
| Orange, Telefonica, KPN etc) procure equipment.
|
| Most billing has been outsourced since the early 2000s at least.
| One large Dutch mobile provider has handed over most of their
| technical staff to Huawei. At one major mobile provider the chain
| is now that the company has outsourced IT to Tech Mahindra. In
| turn, the company in turn talks to Ericsson, who then finally
| operate the network.
|
| The idea that telecommunication service providers can guarantee
| the privacy of their subscribers is highly questionable. All
| service providers have a security department, and I know many of
| these people well, and feel their pain. Sadly in all providers I
| know, security departments struggle to get their recommendations
| implemented.
|
| Ericsson software components appear to be developed in China,
| which may bring worries of its own. European service providers
| have reasons beyond balance-sheet gymnastics to outsource. All
| large scale outsourcing companies have been thoroughly
| compromised. In the end, outsourcing is now almost the only
| possibility to survive. One European 15-million subscriber
| network now relies on a core team of 4 people (one of whom is
| their manager) Technical expertise is the first line of defense
| against malicious vendors attempting to spy and destabilise.
| Having strong local knowledge of telecommunications helps assure
| the future autonomy of vital capabilities. European service
| providers are by and large currently not in good control of their
| networks, writes Picking Huawei is not specifically a sea change
| but simply a continuation of existing policy for most providers.
| If we really care about our privacy and the stability of our
| communication networks, we should be able to build such networks
| autonomously. The Galmon GNSS Monitoring Project monitors the RNA
| levels of humans in the human genome.
| wellx wrote:
| " European service providers are by and large currently not in
| good control of their networks, writes Picking Huawei is not
| specifically a sea change but simply a continuation of existing
| policy for most providers. If we really care about our privacy
| and the stability of our communication networks, we should be
| able to build such networks autonomously. The Galmon GNSS
| Monitoring Project monitors the RNA levels of humans in the
| human genome."
|
| Can you just get lost? Thank you!
| layoutIfNeeded wrote:
| Are you GPT-3?
| TylerLives wrote:
| This is amazing. I wonder what % of people would recognize
| that it wasn't written by a human. I thought that some parts
| were confusing but the idea that it was written by something
| like GPT never occurred to me.
| BlueTemplar wrote:
| Meh, you don't need GPT-3 for this, I've used web Markov
| chain tools for quickly generating this kind of text from a
| sample like 15 years ago...
| indeedmug wrote:
| I got fooled. But reading the original article I noticed
| that the generated comment just picks out some sentences
| from the original one and pastes them together. It's not
| generating the sentences themselves but stringing sentences
| together that fit a context.
| comboy wrote:
| Pretty good karma for a bot.
| [deleted]
| raverbashing wrote:
| Definitely looks like an account that was possibly hijacked
| (due to age of account) to reach a higher karma
|
| Or just a GPT-3 experiment, that's possible as well
| misnome wrote:
| It does seem to be some sort of automated spam - a mix of the
| article, the same chunks of disconnected factlets and some
| random sprinkling of nonsense. Is it possible to flag a whole
| account? @mods?
| wffurr wrote:
| The "random nonsense" in this particular example are the
| next/previous article links from the bottom of the page.
| mkl wrote:
| I believe the whole account is flagged if enough comments
| are flagged by multiple people. I've already emailed dang.
| misnome wrote:
| Right it looks like 10 months ago it was an actual
| account, and either got hacked to karma-farm(?) or author
| decided to use as a throwaway test.
| ChrisMarshallNY wrote:
| Check out the submission history.
| afturkrull wrote:
| Where did your comment go ?
|
| https://news.ycombinator.com/reply?id=26843586&goto=item%3Fi...
| ChrisMarshallNY wrote:
| Oh, it was getting a bunch of downvotes, and it didn't
| really add much to the conversation, so I nuked it.
|
| I'll do that. It's not the downvotes that bother me; it's
| that I am not really adding to the conversation.
|
| I feel that it's important to add to the conversation;
| not just participate.
|
| That post was mostly whining about outsourced software
| and CS. Not my proudest moment.
| afturkrull wrote:
| I found it interesting. Instead of down-voting a comment
| the down-voters should post a refutal. That would add to
| the conversation. I'm always prepared to change my mind.
| Instead of getting down-voted into oblivion.
| Reventlov wrote:
| Yes it is.
| defenestration wrote:
| Yes, it's spamming at a lot of posts at the moment. See the
| other comments it has made.
| swiley wrote:
| We really need more open spectrum. There seems to be no end to
| the privacy problems caused by cellular equipment.
| ng55QPSK wrote:
| How should open spectrum help? Do you think you can run
| infrastructure on scale better than the current operators?
| Semaphor wrote:
| Cynical me certainly can believe all this. But on the other hand,
| I'm wary of just reinforcing what I believe anyway.
|
| How trustworthy is this? There seems to be a lot of inside
| information, where did they get it from? Does anyone have
| corroborating links? All article links are either general, or US
| specific.
| tguvot wrote:
| It's not inside information, it's common knowledge if you work
| in telecom area.
|
| How trustworthy ? It depends. Operators in developing countries
| these days might completely outsource buildout and management of
| their network to Huawei because they frankly have best end to
| end portfolio I think.
|
| With operators in rest of the world, especially those that are
| "well established" reality is more complicated. Telecom
| networks have a lot of moving parts and require a lot of
| domain specific knowledge or proficiency with hundreds or
| thousands types of hardware and multitude of heavily customized
| per telecom needs software systems. For some of those things
| work might indeed be outsourced but in many cases outsourced
| work performed by people who function as company employees in
| day to day: i.e. they work in telecom office building, have
| employee badges, pass background checks, etc. Essentially this
| type of outsourcing is deeply embedded within telecom itself
| for the most part
| topranks wrote:
| The author is widely respected in the internet, open source and
| technical world. He founded the PowerDNS project and worked
| with many operators as a result.
|
| Not that that's everything but I would tend to trust Bert.
| Certainly, based on his track record, I don't think he'd
| deliberately mislead.
| mrweasel wrote:
| It's public knowledge that most telcos don't actually run their
| own network. That also makes the whole fear regarding back door
| in Huawei equipment a little strange, it seems mostly
| political.
|
| I've pointed it out in previous discussion that China doesn't
| need back doors to western 4G/5G infrastructure, because it's
| their people operating it.
|
| But as with much other technology our politicians are ignorant
| and forgetful.
| AlphaSite wrote:
| I mean if that's true, doesn't that make the fear a much more
| practical concern?
|
| It's much worse to have a potentially hostile foreign state
| running core infrastructure than potentially have them
| install a back door.
| g_p wrote:
| Much of this is fairly widely known in the telecoms sector, and
| is "open secrets".
|
| The sector is a pretty "closed shop" though, full of trade
| secrets and "proprietary" things. Underneath it all though,
| actually it's fairly simple once you get your head around it.
|
| If you work closely with an operator, even as a client, you'll
| see examples of this - the number of people brought to meetings
| from the vendor, versus from the operator. Who answers the
| questions.
|
| For a public example, see the Telefonica O2 outage in the UK
| (and Japan, I believe) due to an Ericsson certificate outage,
| and how much of a role Ericsson played in this.
| (https://www.theregister.com/2018/12/06/ericsson_o2_telefonic...)
|
| Press releases also give bits and pieces away:
|
| https://www.ericsson.com/en/press-releases/2019/11/orange-op...
|
| https://www.mobileeurope.co.uk/press-wire/9588-three-uk-join...
|
| Although they might not give the level of detail you're looking
| for, it should hopefully corroborate things.
| Semaphor wrote:
| Not exactly what I was looking for, but a good start. Thank
| you!
| throwaway-8c93 wrote:
| The reality is even worse. The article depicts the operators as
| middle-men piggybacking on the tech expertise of vendors like
| Ericsson or Nokia. Unfortunately, the vendors are subject to
| exactly the same pressures.
|
| The whole industry is in a deepening downward spiral.
| Outsourcing and subcontracting is rampant, layoffs left, right
| and center. The combination of non-functional requirements that
| would make even senior FAANG fellows dizzy - left to be done by
| stressed out graying veterans or naive greenhorns, who leave
| the industry after 2-3 years for 50-100% raises elsewhere for
| the same skillset. Due to the monopsony power of the large
| operators, the vendors barely break even on their deliveries.
| There's no institutional knowledge buildup, nobody to take up
| the baton after the veterans retire, the vendors gave up
| pretending they care about being a nice place to work. If
| you're a techie, stay away from the telecom industry.
| ahubert wrote:
| Hi - author here. By all means ask around. I can only tell you
| that I've received many corroborating anecdotes over the past
| year. Many telcos even assumed I was writing about them
| specifically, when I wasn't! I also have a second post that has
| some more logos and names where I based this article on ->
| https://berthub.eu/articles/posts/how-tech-loses-out/
| erikerikson wrote:
| The author would find Pivotal Commware[0] interesting. Not only
| stateside but offering advances in hardware efficiency and
| durability.
|
| Full disclosure: employee, soon investor
|
| [edit: also, they are hiring]
|
| [0] https://pivotalcommware.com/
| lifeisstillgood wrote:
| >>> what remains in the other half are IT Architects who do not
| get closer to actual operations than an Excel sheet or a Visio
| diagram.
|
| the only light point in an otherwise depressing read
| mmaunder wrote:
| Steel production capability is considered strategically important
| in case we go to war, and it has been so since World War II.
| Steps have been taken to retain domestic production capacity for
| this reason. Until we have a planet of one people and one nation,
| we're stuck thinking this way about things that are critically
| important, should we find ourselves at war with a former partner.
|
| Tech sovereignty has become such a thing. And the bad news is
| that we have lost. I'll leave others to debate why, but we can't
| manufacture our own chips, we can't make our own telco networks,
| and the cloud systems that provide back end services are almost
| lost.
|
| The state of play here is dire for the US and its strategic
| partners. I'd say that surveillance is less worrying than the
| simple fact that a potential future adversary has an off switch
| for these things that they can toggle at will: no more chips, no
| more telco products and no more cloud services - now, let's have
| that South China Sea conversation one more time...
| [deleted]
| one2three4 wrote:
| This is gold.
|
| >> In reality, most service providers have not been operating on
| this model for decades. Driven by balance-sheet mechanics and
| consultants, service providers have been highly incentivised to
| outsource anything that could possibly be outsourced, and then
| some.
|
| >> In a modern telecommunications service provider, new equipment
| is deployed, configured, maintained and often financed by the
| vendor. Just to let that sink in, Huawei (and their close
| partners) already run and directly operate the mobile
| telecommunication infrastructure for over 100 million European
| subscribers.
|
| I think it's quite a safe bet that no operator in China went that
| way by buying and outsourcing from/to Western companies.
| dragonelite wrote:
| Ericsson threaten to leave Sweden, if actions by Swedish
| government meant that they lose access to the Chinese markets
| and running/future contracts.
| tguvot wrote:
| It's nearly impossible for telecom to deploy/configure/maintain
| their networks by themselves due to the scale. For example, I
| just googled, AT&T seems to have 67000 towers/macro cell sites.
| Let's say they want to update all of them to install modern 5G
| equipment. In many cases this equipment may come from different
| vendors and to deploy it might be multi-day job. Off the top of
| my head, about 20% of site visits fail due to various reasons
| (with good percent of them failing even before starting due to
| scheduling issues, sickness, not delivered at time equipment,
| etc) .
|
| How much time and people it will take to AT&T to do all the
| work on its own ?
| [deleted]
| tgv wrote:
| They did it before, even had to wire everything together,
| coast to coast.
| tguvot wrote:
| "Before" it was simple. Now it's very complex. It's very
| complex exercise in large scale planning, logistics and
| coordination. If company tries to do it by itself, it is
| something that will take years of work of hundreds to
| thousands of dedicated to this task people to accomplish.
|
| Market and customers require faster pace.
| benlivengood wrote:
| > How much time and people it will take to AT&T to do all the
| work on its own ?
|
| About as many people as are currently working on it,
| probably. The work does, in fact, get done by real live
| humans. That they work for a contractor only adds humans in
| the middle. Also the money to pay them is present; it just
| flows through a few extra contractor accounts first.
| tguvot wrote:
| And who will support existing network: fixing things,
| dealing with day to day operations, etc ? If it's same
| people, deployment timelines will be extended by years.
|
| If it's not and you hire extra people in order to work on
| this deployment, then when job is done, you end up with
| extra few thousands of employees that have nothing to do
| and you need to fire them. In this case it's easier, faster
| and cheaper to outsource the work than doing hiring of
| thousands of people, training them and then firing them
| when job is done...
| benlivengood wrote:
| > If it's not and you hire extra people in order to work
| on this deployment, then when job is done, you end up
| with extra few thousands of employees that have nothing
| to do and you need to fire them. In this case it's
| easier, faster and cheaper to outsource the work than
| doing hiring of thousands of people, training them and
| then firing them when job is done...
|
| Are there enough carriers that the contractors stay busy
| 100% of the time or do they just hire and fire people as
| needed?
|
| I get why contract gigs can be mutually beneficial but it
| seems like either the demand is there for full-time
| trained technicians to do a particular job, or there
| isn't. If there isn't, then does it really matter who
| does the hiring/firing?
|
| I think what I always figured was that most deployments
| are rolling and there will always be new tech to train on
| and then deploy every few years, which sounds fairly
| sustainable as a full time labor force. I haven't run a
| telco before obviously.
| Spooky23 wrote:
| It's a project based business model and isn't
| particularly challenging to staff. For the field service
| portion of my business, I can tell you how many man hours
| at each title I need for the next 2-3 years. You know
| what your maintenance demand is and can project capital
| projects, because the business knows what capital money
| it's borrowing.
|
| End of the day, it's more to do with accounting stuff
| like fixed asset inventory, risk management and keeping
| salaries and benefits low. It's easier to fire a
| contractor or hire a shittier/cheaper one than deal with
| a bunch of employees. IMO, saving hard dollars isn't a
| driver.
| SSLy wrote:
| And those Western companies that sold to China telcos had
| their IP stolen and appear in Huawei/ZTE products few years
| later.
| magwa101 wrote:
| Interesting insights on who operates these networks. However
| author equates US eavesdropping to Chinese eavesdropping. That is
| simply not serious. The "ship has left the harbor" view of
| existing infrastructure is not sensible, ownership matters.
| walrus01 wrote:
| >> In a modern telecommunications service provider, new equipment
| is deployed, configured, maintained and often financed by the
| vendor
|
| If you think this is bad in some place like the UK, you should
| see how ISPs and mobile network operators are set up in some
| countries in the developing world, where the vendor has fully
| captured the Telco as basically a hostage to its technical
| services.
|
| This is what happens when you have a mixture of institutional
| corruption, kickbacks and bribes, lack of local technical
| resources to develop a domestic network engineering talent pool,
| and a vendor that knows how weak the client entity's negotiating
| position is.
| kazen44 wrote:
| What also does not help is that becoming good at networking
| engineering at scale is something that is hard, if not
| impossible to learn on your own. Software Engineering is
| something one can teach themselves on a laptop, learning to
| design, build and operate networks at a large scale across
| geographies is simply not possible without being part of the
| industry.
|
| Network engineering talent is incredibly hard to come by in
| most regions of the world, especially if you consider that ISP
| networking deals with arcane technologies not really used in
| most "enterprise" networks. (BGP in various ways, MPLS is a big
| one, and arcane transports like SONET or DWDM solutions).
|
| Sure, one might be able to learn how to configure BGP, how ip
| works etc from their laptop using GNS3 or a couple of second
| hand routers/switches, but learning how to design networks at
| scale is a completely different beast.
|
| Most people seem to enter the field by getting hired as tech
| support at a NOC and working their way up from there, which is
| kind of a grind compared to some more lucrative positions
| available to people who possess the technical talent.
| walrus01 wrote:
| I agree with 100% of that - a much harder problem to solve
| when learning real network engineering is much more capital
| intensive and requires real financial resources that may be
| beyond the reach of many.
| kazen44 wrote:
| Also, it is a really difficult problem to solve. Most
| curriculums of universities and polytechnical schools only
| focus on the technical, theoretical aspects of network
| engineering, but getting hands-on experience in actually
| running an ISP network is very, very difficult. The market
| for people who want to get into this line of work is also
| very small compared to software engineers, programmers and
| system administrators. The work is usually high risk,
| technically very complex and it can be very stressful. (It
| being vital infrastructure, and breaking something can
| result in catastrophe for your customers in some cases)
|
| I sometimes wonder what will happen if we have no one left
| to maintain the systems so many layers of software and
| systems depend upon.
| philjohn wrote:
| My concern wouldn't be with data being exfiltrated, seeing as so
| much is E2E encrypted these days.
|
| But what if there is a remote kill switch - taking down a
| cellular network could cause a whole heap of problems in the 21st
| century.
| rcarmo wrote:
| There is an amazing amount of FUD in this article. I have worked
| in the telco industry for the better part of 30 years, and am
| back on it now after a 5-year hiatus in cloud computing.
|
| Before I "left" there was certainly a trend towards outsourcing
| and large "swaps" of radio gear (Nortel-Ericsson in my case, and
| Motorola-Huawei at a direct competitor, to quote only two
| examples), but there was no way in $UNDERWORLD that we would let
| a vendor have direct access to our gear unsupervised (be it
| Cisco, Ericsson, whatever). Remote troubleshooting was possible,
| but usually via jump boxes and VNC (only very seldom we would let
| anyone VPN in, and even then it was only to sub-sections of the
| network). Nothing left our O&M network. Nothing came in, either,
| because upgrades were rolled out from internal servers.
|
| And it is still very much the same thing today. Although there
| are outsourcers and vendors who work alongside core staff in my
| telco customers (like myself now), we don't have access to
| anything but lab or dev environments, and even then mostly with
| MFA and very stringent limitations.
|
| Outsourced staff _does_ do field service of various kinds, and
| they do have access to base stations, DSLAMs and various other
| physical infrastructure, but that's usually done with (usually
| much cheaper) local technicians and not vendor staff. There are
| certifications for those.
|
| The reality is that most telco services are being "automated out"
| and moved to virtualized stacks that are easier to manage. And
| yes, VoIP on the core (no more SS7 if anyone can help it) and
| Kubernetes everywhere...
|
| But what I found to be really weird was the notion of outsourcing
| billing. Besides being a GDPR nightmare (and I'm in Europe, like
| the author, so I find it doubly unsettling), that was only done
| "off-prem" when all companies involved were in the same group
| (which was customary when fixed and mobile operators were
| separate). These days billing is, comparatively, greatly
| simplified (thanks to flat fees, real-time billing systems for
| prepaid and streamlined bundles), so the only data that actually
| leaves the BSS core goes to the (smaller and smaller) printing
| facilities.
|
| So I would take it all with a massive dollop of salt.
| BenoitP wrote:
| > One even went so far as to state during an all-hands meeting
| with technical staff that 'running a communication network' was
| by no means a core competence for them.
|
| This is an outraging but very widely spread phenomenon. No
| industry is spared from the MBA hawks. Everything now is rent-
| seeking and moat building. Innovation has been packaged away and
| can only happen when the market makers say it can.
|
| What can an engineer do about that?
| phreeza wrote:
| What I don't get in this entire conversation is how is 5G
| different from any other transport layer? Can't secure
| communication be achieved by encrypting the communications at a
| higher level?
| mensetmanusman wrote:
| Metadata still exists in that framework.
| elzbardico wrote:
| Just another instance of how Harvard Business School completely
| f*ing up things. Future historians will have trouble
| understanding how we let MBAs destroy our civilization.
| ng55QPSK wrote:
| Ehm. You all are aware that 5G was created with the expectation
| that in the future all networks (and core functions) will be
| cloud-based? The last remaining HW will be the physical antenna
| and some PA/LNA and some local signal processing. You connect
| fiber to that and everything else is an operator-as-a-service
| model - running on AWS/Azure/GCP.
| walrus01 wrote:
| You're aware that telcos have massive amounts of physical stuff
| needed to make that happen first? You can't "cloud" hand wave
| away things like massive metro scale dark fiber networks for
| backhaul. Or things like inter city long haul DWDM networks. I
| assure you there's a lot more going on hidden behind the scenes
| of a modern ISP or 4G/5G carrier than just some antennas and
| software in a VM somewhere.
| ng55QPSK wrote:
| This will not happen this year. But in the long run you don't
| need much own HW to be an operator. And fiber connectivity is
| (as the startpoint of this comments) outsourced in large
| scale.
| walrus01 wrote:
| "in the long run you don't need that much HW to be an
| operator" - have you ever worked for a facilities based ISP
| or Telco and visited the interiors of dozens of different
| POPs? Please do so and then come tell us all about how
| telecom infrastructure on a national and global scale isn't
| composed of massive amounts of hardware all over the place.
| ng55QPSK wrote:
| I work in a team that created 5G. And around ~2014 it was
| clear: operators want to go away from own HW.
| walrus01 wrote:
| Just because you've outsourced some function to another
| contractor or telecom doesn't make the physical stuff go
| away. It just abstracts it away to someone else's
| responsibility.
| kazen44 wrote:
| how? the hardware needs to be there because you actually
| need to run the physical infrastructure to locations, no
| matter the technology, you still need geographical coverage
| to actually build connectivity.
| tguvot wrote:
| well, around ~2011 network operators discovered that it's
| possible to virtualize network&compute, i.e. run routers,
| switches and computers in VMs. As a result of this they
| came up with a grand plan where they will stick
| everything to virtual machines on top of cheapest
| hardware (preferably). A bunch of conferences happened in
| order to define standards for all this happy future. Only
| most of it crashed and burned for multiple reasons. But
| it was back then.
|
| Now, in theory, it's pretty much possible to run operator
| based on leased lines (many operators actually run over
| leased lines anyway, in many countries and they don't own
| physical fiber networks due to regulations or other
| reasons), and interfaces with antennas/enodebs that are
| "virtualized" (to support multiple operators at once) or
| even using cloud-ran while deploying rest of software
| stack "in cloud".
| signa11 wrote:
| check out how rakuten and altiostar are doing just that.
___________________________________________________________________
(page generated 2021-04-17 23:00 UTC)