Standard User Thaumaturge
(newbie) Thu 02-Dec-21 17:27:53

Fibre network security

Two AltNets are currently installing fibre networks in my village. After 30+ years of very indifferent broadband coverage by OR, and given that OR presently have no plans for FTTP here within the next 5 years, it's all rather exciting.

I understand that most Altnets use Passive Optical Network (PON) topology. This implies that all packets go to all users who are downstream from the same splitter. Presumably each ONT filters out packets intended for other users by some address mechanism?

If Moriarty is on the same splitter as me, how easy would it be for him to hack his ONT so that he can read my stuff? Sort of like an ethernet sniffer in promiscuous mode? Or should everything sensitive on such a network be end to end encrypted?
Standard User candlerb
(fountain of knowledge) Thu 02-Dec-21 17:56:33

Re: Fibre network security
[re: Thaumaturge]

In reply to a post by Thaumaturge:
Two AltNets are currently installing fibre networks in my village. After 30+ years of very indifferent broadband coverage by OR, and given that OR presently have no plans for FTTP here within the next 5 years


... or at least not yet announced ...

In reply to a post by Thaumaturge:
it's all rather exciting.

I understand that most Altnets use Passive Optical Network (PON) topology.


As does Openreach.

In reply to a post by Thaumaturge:
This implies that all packets go to all users who are downstream from the same splitter. Presumably each ONT filters out packets intended for other users by some address mechanism?

If Moriarty is on the same splitter as me, how easy would it be for him to hack his ONT so that he can read my stuff? Sort of like an ethernet sniffer in promiscuous mode? Or should everything sensitive on such a network be end to end encrypted?


The OLT<=>ONT traffic is encrypted using AES in both directions. However as far as I can tell, the keys are generated by the ONT and sent in the clear; the security relies on the fact that it's very hard for one ONT to sniff packets sent upstream by another ONT (since the majority of light arriving at the splitter will continue upstream). More details in this paper.

In any case, the PON uses two different wavelengths for send/receive; the ONT is tuned to send on one wavelength, and receive on a different one, with very strong filters to allow simultaneous transmit and receive. This means that an attacker would need to plug in highly specialised equipment to learn the keys of other users; just changing the firmware on an ONT would be insufficient.

Therefore, it's very likely that your neighbour is not going to be able to read your traffic. You should however assume that the spooks *can* read your traffic, since they'll have access further up into the network anyway.
Standard User Pheasant
(knowledge is power) Thu 02-Dec-21 17:57:03

Re: Fibre network security
[re: Thaumaturge]

All your downstream packets are AES-128 encrypted (as per the GPON standard) and your upstream packets are on different TDM timeslots.

Man in the middle attacks are theoretically possible, and there have been academic papers published in the past on the topic, but the security for GPON etc standard is fairly robust.

Incidentally the same technology is used by Openreach and CityFibre as well as the various AltNets with the exception of those that use point-to-point technology for the customer loop.


Standard User Pheasant
(knowledge is power) Thu 02-Dec-21 17:59:49

Re: Fibre network security
[re: candlerb]

In reply to a post by candlerb:
You should however assume that the spooks *can* read your traffic, since they'll have access further up into the network anyway.

Therein lies the rub.
Standard User Pheasant
(knowledge is power) Thu 02-Dec-21 19:32:05

Re: Fibre network security
[re: Thaumaturge]

In reply to a post by Thaumaturge:
If Moriarty is on the same splitter as me, how easy would it be for him to hack his ONT so that he can read my stuff? Sort of like an ethernet sniffer in promiscuous mode? Or should everything sensitive on such a network be end to end encrypted?

To do a proper man-in-the-middle attack Moriarty would not only need to defeat the encryption key exchange / renewal process, he would also need to physically splice into the PON at some point.

Even though upstream traffic is not encrypted, to be able to see your (or any other ONT's) upstream traffic, Moriarty would need to either insert a 'sniffing' splitter in front of the main 32-way PON splitter. Easier said than done.

Moriarty would have to actively amplify the signal, at the point he spliced his 'sniffing' splitter into the PON - without doing so and inserting a passive two-way splitter into an active PON would drop the light levels in the PON - either simply knocking all the OLTs in the PON out completely and/or triggering a management alarm on the OLT as the light levels from all the other ONTs would suddenly halve...

When OR/CityFibre/AltNet then fire an OTDR trace down the PON they would be somewhat surprised to 'see' an extra splitter in the PON I dare say.
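
Added example (not part of the post above, nor any operator's or vendor's code): a sketch of the alarm logic the post alludes to, comparing per-ONT receive power at the OLT against a baseline and separating a drop shared by every ONT (a new loss in the common fibre, which halving the light would produce) from a single-ONT fault. The thresholds, the receiver sensitivity figure and the sample readings are assumptions.

```python
import math
from statistics import median

# Halving the optical power is a loss of 10*log10(2) dB, about 3.01 dB.
HALF_POWER_DB = 10 * math.log10(2)
DROP_THRESHOLD_DB = 2.5      # assumed alarm threshold, just under a half-power drop
RX_SENSITIVITY_DBM = -28.0   # assumed OLT receiver sensitivity; take it from the optic's datasheet
COMMON_FRACTION = 0.8        # assumed share of ONTs that must dim together to blame the shared fibre


def classify(baseline, current):
    """Compare per-ONT upstream receive power (dBm) at the OLT against a baseline."""
    drops = {ont: baseline[ont] - current[ont] for ont in baseline if ont in current}
    affected = sorted(o for o, d in drops.items() if d >= DROP_THRESHOLD_DB)
    lost = sorted(o for o in drops if current[o] < RX_SENSITIVITY_DBM)
    if not affected:
        verdict = "normal"
    elif len(affected) >= COMMON_FRACTION * len(drops):
        verdict = "common-path loss"   # every ONT dimmed at once: check feeder/splitter, run an OTDR trace
    else:
        verdict = "per-ONT loss"       # drop fibre, connector or ONT fault
    return {
        "verdict": verdict,
        "affected": affected,
        "below_sensitivity": lost,
        "median_drop_db": round(median(drops.values()), 2),
    }


# Constructed sample readings (dBm), not taken from any real OLT.
BASELINE = {"ont1": -18.2, "ont2": -21.5, "ont3": -24.9, "ont4": -26.1}
# Same PON after an extra passive two-way split appears in the shared fibre:
# each ONT loses the half-power drop plus 0.5 dB of assumed excess loss.
AFTER_SPLIT = {o: round(p - HALF_POWER_DB - 0.5, 2) for o, p in BASELINE.items()}
# Only one ONT dimmed, for example a dirty connector on one drop fibre.
ONE_BAD_DROP = dict(BASELINE, ont2=-25.5)

if __name__ == "__main__":
    for name, reading in [("after split", AFTER_SPLIT), ("one bad drop", ONE_BAD_DROP)]:
        print(name, classify(BASELINE, reading))
```

In the constructed "after split" case the two ONTs with the least margin fall below the assumed sensitivity and drop off entirely, while the rest stay up but trip the common-path alarm.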
Standard User Thaumaturge
(newbie) Thu 02-Dec-21 19:33:46

Re: Fibre network security
[re: candlerb]

Thanks guys for prompt replies. Especially for the referenced paper, which looks very interesting, and which I will read with care. (I knew a Tomas Horvath in a previous life, but I don't think it can be the same one.)

Sorry if it was a dumb question, but up until a few weeks ago FTTP was a distant dream in this neck of the woods, and I hadn't paid much attention to it. I'm now trying to get up to speed asap.

I'm sure OR have all sorts of plans that they haven't announced. I'm retired and an OAP, and have no access to inside info. I can only go by what OR publish on their website. Also I didn't say anything about OR's fibre network design, PON or otherwise. That's irrelevant here, and I haven't gone into it.

I am also aware that the spooks can read more or less anything they want to, notwithstanding any end to end encryption that I might be able to deploy. The Snowden disclosures in 2013 left little doubt about that, and I'm sure they haven't stood still since then. As I type this I'm wearing a T-shirt that reads: "GCHQ - always listening to our customers".
Standard User Rhynchelma
(newbie) Thu 02-Dec-21 19:53:38

Re: Fibre network security
[re: Thaumaturge]

In reply to a post by Thaumaturge:
Thanks guys for prompt replies. Especially for the referenced paper, which looks very interesting, and which I will read with care. (I knew a Tomas Horvath in a previous life, but I don't think it can be the same one.)

Sorry if it was a dumb question, but up until a few weeks ago FTTP was a distant dream in this neck of the woods, and I hadn't paid much attention to it. I'm now trying to get up to speed asap.

I'm sure OR have all sorts of plans that they haven't announced. I'm retired and an OAP, and have no access to inside info. I can only go by what OR publish on their website. Also I didn't say anything about OR's fibre network design, PON or otherwise. That's irrelevant here, and I haven't gone into it.

I am also aware that the spooks can read more or less anything they want to, notwithstanding any end to end encryption that I might be able to deploy. The Snowden disclosures in 2013 left little doubt about that, and I'm sure they haven't stood still since then. As I type this I'm wearing a T-shirt that reads: "GCHQ - always listening to our customers".


If you were not on a list, after that admission you now are. :)
Standard User binary
(member) Thu 02-Dec-21 22:00:57

Re: Fibre network security
[re: Thaumaturge]

In reply to a post by Thaumaturge:
Two AltNets are currently installing fibre networks in my village. After 30+ years of very indifferent broadband coverage by OR, and given that OR presently have no plans for FTTP here within the next 5 years, it's all rather exciting.


Given that BT only launched a commercial ADSL service in 2000, that's pushing it a bit!
Standard User Thaumaturge
(newbie) Fri 03-Dec-21 09:10:47

Re: Fibre network security
[re: binary]

Maybe so, but I'm old enough to remember having used acoustic couplers and V.21 modems at 300/300 bps!
I can recall what an advance V.32 was, offering 9600/4800 bps.
Standard User candlerb
(fountain of knowledge) Fri 03-Dec-21 09:26:54

Re: Fibre network security
[re: Thaumaturge]

I raise you Prestel 1200/75 (bits per second, not megabits per second). And people complain about asymmetric speeds these days :)
Standard User Taras
(eat-sleep-adslguide) Fri 03-Dec-21 09:49:50

Re: Fibre network security
[re: Thaumaturge]

In reply to a post by Thaumaturge:
notwithstanding any end to end encryption that I might be able to deploy.


e2e isn't breakable itself, but the areas beyond the e2e "bridge" are snoop-able. Anyways it's far easier to do the old email virus, or even webpage. Given that some USA agencies have created their own OS, to bring down a crime network, which would in turn render e2e pointless.

In other words you are more or less right
Standard User jchamier
(eat-sleep-adslguide) Fri 03-Dec-21 09:51:18

Re: Fibre network security
[re: candlerb]

In reply to a post by candlerb:
I raise you Prestel 1200/75 (bits per second, not megabits per second). And people complain about asymmetric speeds these days :)

Prism VTX/5000 on a Sinclair Spectrum and Prestel/Micronet 800. Those were the days :)

22 years of broadband connectivity since 1999 trial - Live BQM
Standard User Ancient_Mariner
(eat-sleep-adslguide) Fri 03-Dec-21 10:43:03

Re: Fibre network security
[re: jchamier]

You used a screen?

A 33 ASR Teletype and a shoe-box sized Post Office BT Datel 600 (?) modem started me off in 1975/76. I still have a roll of paper tape for a program to produce 5-figure random groups of letters for Morse practice. ISTR that there was also a modem that fitted beneath a 700 series telephone, but for the modem I was using I am sure that the connection to the phone line was via a round Cannon type plug/socket and not the PO plugs such as the type 420.

Cheers!

Clive

Andrews & Arnold Home::1 FTTC DrayTek Vigor 2762ac Cisco ATA191 and HUAWEI E5776 with O2 Data SIM
Standard User jchamier
(eat-sleep-adslguide) Fri 03-Dec-21 11:16:56

Re: Fibre network security
[re: Ancient_Mariner]

In reply to a post by Ancient_Mariner:
You used a screen?

Impressive, I missed that era. :)

22 years of broadband connectivity since 1999 trial - Live BQM
Standard User Thaumaturge
(newbie) Fri 03-Dec-21 16:28:06

Re: Fibre network security
[re: candlerb]

As I recall, "broadband" originally meant bit rate greater than the baud rate. V.32 qualified under that definition. I think it used a QAM modulation on a 2.4kHz baseband carrier - details are somewhat hazy now. Came in late 80s. I was certainly using the internet from home from around 1993, and I think that must have been with V.32 or V.32bis because 56K modems didn't really arrive till the late 90s. Not sure what broadband means these days, other than vaguely high bandwidth.

But I accept that this is special pleading, and binary has a point. 20+ years is nearer the mark. Too long, anyway. Through ADSL and now FTTC, BT's wire (both copper and some aluminium, OR have admitted to me) has caused nothing but trouble which armies of OR engineers have failed to fix. I can't wait to be rid of it all for good.

But I/we digress. Sorry.
Standard User candlerb
(fountain of knowledge) Fri 03-Dec-21 17:20:11

Re: Fibre network security
[re: Thaumaturge]

I took "narrowband" as meaning "uses voice frequencies", and "broadband" as meaning "uses a wider range of frequencies" (and hence higher data rate).
Standard User CarlTSpeak
(committed) Fri 03-Dec-21 19:14:32

Re: Fibre network security
[re: Thaumaturge]

Everything sensitive is going to be encrypted from your side anyway - how many websites do you use that don't have TLS?

PON is fine. If you've so many enemies with the funding that you're worried about your PON being tapped I would suggest bespoke malware is probably a bigger concern.

Fin
Standard User binary
(member) Fri 03-Dec-21 23:05:46

Re: Fibre network security
[re: Thaumaturge]

In reply to a post by Thaumaturge:
As I recall, "broadband" originally meant bit rate greater than the baud rate. V.32 qualified under that definition. I think it used a QAM modulation on a 2.4kHz baseband carrier - details are somewhat hazy now. Came in late 80s. I was certainly using the internet from home from around 1993, and I think that must have been with V.32 or V.32bis because 56K modems didn't really arrive till the late 90s. Not sure what broadband means these days, other than vaguely high bandwidth.

But I accept that this is special pleading, and binary has a point. 20+ years is nearer the mark. Too long, anyway. Through ADSL and now FTTC, BT's wire (both copper and some aluminium, OR have admitted to me) has caused nothing but trouble which armies of OR engineers have failed to fix. I can't wait to be rid of it all for good.

But I/we digress. Sorry.


No, digression is great! I remember looking longingly at 56K modems in the late 90's, whilst using a 28.8 or 33.6 kbit/s internal one that came with the PC. Given the costs and inconvenience of dial-up, it was hard to justify an upgrade.

Regarding those earlier times, I recall a family member who keenly took to email but didn't really get their head around the web until the arrival of (ADSL) broadband. The advent of 'always-on' internet connections in the home made all the difference.

I also remember noting on many occasions how the North American software design just assumed that local calls (to ISP's POPs/ access numbers) were free/inclusive, totally failing to take account of Europe (and elsewhere) where such calls were charged per minute... meaning every second online counted!

Anyway I am off to watch something on my HD telly, though I still haven't got my head around the fuss regarding 'high definition television', given that it's been around since 1936... ;)
Standard User Thaumaturge
(newbie) Sat 04-Dec-21 09:25:15

Re: Fibre network security
[re: CarlTSpeak]

Yes, thanks, I agree, I am reassured by what you guys have told me. FAPP I'm happy now that PON is as secure as most other stuff I use.

As I indicated earlier, FTTP has only just become a possibility where I live. I haven't previously looked into the details. Now I understand a bit about the encryption, key exchange etc, it all makes more sense.
Standard User simon194
(fountain of knowledge) Mon 06-Dec-21 09:37:24

Re: Fibre network security
[re: binary]

In reply to a post by binary:
No, digression is great! I remember looking longingly at 56K modems in the late 90's, whilst using a 28.8 or 33.6 kbit/s internal one that came with the PC. Given the costs and inconvenience of dial-up, it was hard to justify an upgrade.

I remember 56K modems but in my case I decided to go for it. I was paying £10 a month to NTL for dialup access on an 0800 number.

It then took a little twist because my employer decided to have a teleworking trial which I managed to get on because I lived 50 miles from the office. They installed and paid for an ISDN30e connection and I discovered that the NTL 0800 number supported ISDN so had access to a 128 Kbps internet connection.