How Do You Compete With Your DSL Competition?

I've just read an interesting article about how difficult it is today in some countries for DSL and cable operators to compete due to the sheer number of rivals in this sector. True, I can see it in France, for example. In Paris I can choose between at least 10 different DSL providers and the high-water mark for triple play services (Internet access, unlimited landline calls and IPTV) is 30 euros per month, set-top box included. And competition is getting fiercer with alternative providers such as Free adding service upon service while sticking with the 30 euros per month price tag.

So the only real differentiator you could have against that competition is a wireless 2G/3G network that you bring into the bundle. To stay with the French example, Orange, SFR and Bouygues are going in that direction and are now all offering DSL and a set-top box. For now, I don't see a lot of combined fixed/mobile offers except maybe common billing, which won't make a lot of people switch to another DSL provider. But I suspect that might change in the not-so-distant future when solutions mature to let people access the content stored in their set-top box or in their home network from their mobile device while being away. A unique chance for mobile operators with fixed line assets as they are in the right place to pre-configure the mobile devices and the set-top box (maybe even centrally) of a household to work together seamlessly.

Throw some femtos into the equation or simply a 3G USB modem with a SIM card that automatically installs when you plug it into your notebook. A daily fee or a couple of euros extra a month automatically and transparently put on your monthly invoice. Quite a number of options DSL/cable only players do not have. I am curious which fixed/mobile player will go ahead first to heat up the competition.

SAE Review Part 1: Let’s Be Flexible and Redundant

Release 8 of the 3GPP specification is nearing completion and I thought it's the right time to have a closer look at one of the key core network architecture specifications for LTE, or to be precise, the SAE (System Architecture Evolution) in 3GPP TS 23.401. Its title 'GPRS enhancements for E-UTRAN' is a bit misleading as it is an architecture document in itself that shows the full architecture and not only enhancements. It has become a massive document, 219 pages at the moment, so a single blog post won't do to describe the features which are different compared to GSM and UMTS. So I've decided to split the review into several parts and start with the flexibility and redundancy of network elements which is built into the system from day one.

In the initial 3GPP specs for UMTS (Release 99 or Release 3 if you will after the current counting method), the network was pretty hierarchical. One UMTS base station (NodeB) was connected to one radio network controller (RNC) which was in turn connected to one MSC for voice calls and one SGSN (Serving GPRS Support Node) for packet data traffic. In later 3GPP releases the RNC interface has become more flexible (the famous Iu flex) and in theory, a single UMTS RNC can now be connected to several MSCs and SGSNs for redundancy and load sharing purposes. In practice, however, I suspect it is not used a lot (yet).

Splitting the gateway into MME and SGW and assigning several to a single base station

In the LTE/SAE specs, flexibility and redundancy are built in from day one. A single LTE base station, called eNodeB, can now be connected to several gateway nodes simultaneously. The gateway node itself is split into a Mobility Management Entity (MME) and a Serving Gateway (SGW) and an interface has been defined between the two. So in practice both can be in the same physical device or split into two different devices. There is also no need to have the same number of MMEs and SGWs in the network, so capacity can be independently increased for the management part (MME) or the datapath (SGW) as needed.

Moving subscribers from one gateway to another and creating redundancy

There are even functions foreseen to move subscribers of one MME or SGW to another MME or SGW, for example to upgrade the software and then reboot the device. Another benefit of pools is that in case one device fails, not all users in the area are affected. If one node fails and the connection is interrupted a device can quickly reconnect and be assigned to a different node. Quite a difference to today where the failure of a single SGSN immediately renders a part of the network useless. It happens often enough…

[Updated 7. September 2009] Tracking Area Lists to prevent border hopping

Another piece of flexibility is tracking area lists; tracking areas used to be called location areas (LAs) or routing areas (RAs) in UMTS. Like LAs and RAs, a tracking area is a conglomerate of one or more cells. Mobile devices currently not connected to the network only have to report to the network when they change to a tracking area which is not in the list that was assigned to them by the MME during the last tracking area update. This reduces power consumption and reduces mobility management signaling in the network. Tracking area lists in effect blur the tracking area boundaries and prevent scenarios in which a mobile device keeps hopping between two cells in different tracking areas resulting in frequent signaling exchanges and battery drain.
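The effect on a device sitting at a tracking area border, as an added example that is not part of the specification or the original post. The cell layout, area sizes and the MME's list policy are assumptions; the paging count reflects that an idle device is paged in every tracking area on its list, which is the price of a longer list.

```python
# Added illustration; the cell layout and both list policies are constructed.
CELL_TO_TA = {"cell_a": 1, "cell_b": 2, "cell_c": 3}
CELLS_PER_TA = {1: 20, 2: 25, 3: 15}  # constructed sizes, used for paging cost


def single_ta(new_ta, previous_ta):
    """Behaviour of a fixed location/routing area: only the current area."""
    return {new_ta}


def current_plus_previous(new_ta, previous_ta):
    """Assumed MME policy: list the new area and the one the device came from."""
    return {new_ta} if previous_ta is None else {new_ta, previous_ta}


def simulate(cell_path, assign_list):
    """Return (registrations sent by the idle device, cells paged for its final list).

    The first registration is the initial attach; the rest are tracking area updates.
    """
    ta_list, last_ta, updates = set(), None, 0
    for cell in cell_path:
        ta = CELL_TO_TA[cell]
        if ta not in ta_list:  # left the assigned list: the device must report
            updates += 1
            ta_list = assign_list(ta, last_ta)
        last_ta = ta
    paged = sum(CELLS_PER_TA[t] for t in ta_list)
    return updates, paged


# Idle device on a border reselecting between two cells, then moving on.
BORDER_HOPPING = ["cell_a", "cell_b"] * 5 + ["cell_c"]

if __name__ == "__main__":
    for policy in (single_ta, current_plus_previous):
        print(policy.__name__, simulate(BORDER_HOPPING, policy))
```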

Packet Data Network Gateway flexibility

And of course the packet data gateway (PDN-GW), the gatekeeper between the mobile network and the Internet (or a fixed line IP network in general) is also not fixed but can be chosen from a pool.

Summary

As shown above, the whole LTE/SAE architecture has been defined in a very flexible way for several reasons. Compared with the flexibility added to GSM/GPRS and UMTS over time, this goes one step further and the use of IP for all interfaces helps a great deal to make this much more simple than in 2G and 3G networks.

So much for today. In the next part, I'll look at Mobility- and Connection Management (EMM and CMM) and the differences to UMTS's Packet Mobility Management and Session Management (PMM and SM).

Sandboxie

Not a truly mobile story today by itself but one that started as such some time ago on this blog. A while back I reported on a first weakness found in the Wi-Fi WPA encryption. I didn't get all the facts right the first time and was promptly corrected by a reader who was kind enough to supply a link to Security Now, a great podcast show that each week explains security issues at great length but in a way that is easy to understand. I listened to the podcast, corrected my mistakes and subscribed to the podcasts on my N95 to have interesting podcasts while traveling. Recently I listened to podcast 172 about a program called Sandboxie for Windows machines that I think is so useful that I would like to mention it here.

With Sandboxie, you can put programs like web browsers, e-mail clients, instant messengers, etc. in a sandbox that redirects write access to files and the registry to a copy instead of to the original. This way, should you catch a virus via a web page or via that attached PowerPoint file in an e-mail from a trusted friend, all the malicious code can do is harm a copy of the file and the registry. It can still steal data as it has standard read access to all other files but it can't harm the machine anymore. As soon as the last program in the sandbox ends, the files in the sandbox are deleted and gone is the threat.

It's even possible to install programs in the sandbox. They run just fine afterward, but only in the sandbox of course. Once you are done with testing, delete the sandbox and you can start from scratch. No orphan files remaining, no extra clutter in the already fat registry. So the concept of Sandboxie is quite similar to that of a virtual machine except that the applications have read access to the outside. The big advantages are that it requires no extra memory and processor resources, it just adds a shell of protection around those programs so they can't do any harm.

Completely blocking write access has its drawbacks, too, of course. With complete isolation, it's not possible to permanently store bookmarks, for example, and you will also lose your e-mail that is stored in local files once the sandbox is deleted. But the author has thought about that as well and it's possible to activate exceptions for the most well known programs so that their configuration and data files are not sandboxed. For less well known programs, it's possible to manually configure files or directories that are excluded from the sandbox. And, with the registered version, it's even possible to define programs which are automatically run in the sandbox when they are started. Great for an installation for less computer savvy users to make the sandbox almost transparent for them.
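The write redirection and the exceptions described above can be modelled in a few lines. This is an added example, not Sandboxie's code or configuration format: the class, its method names and the sample files are hypothetical, and it covers files only, not the registry.

```python
import shutil
import tempfile
from pathlib import Path


class WriteRedirectBox:
    """Toy model: reads fall through to the real files, writes land in a copy."""

    def __init__(self, real_root, box_root, passthrough=()):
        self.real = Path(real_root)
        self.box = Path(box_root)
        # Exempt relative paths: writes here reach the real files and survive
        # discard(), so they are also where hostile code could leave changes.
        self.passthrough = {Path(p) for p in passthrough}

    def _checked(self, rel):
        rel = Path(rel)
        if rel.is_absolute() or ".." in rel.parts:
            raise ValueError(f"path escapes the sandbox roots: {rel}")
        return rel

    def _is_exempt(self, rel):
        return any(rel == p or p in rel.parents for p in self.passthrough)

    def read(self, rel):
        rel = self._checked(rel)
        boxed = self.box / rel
        # The program sees its own modified copy if one exists, else the original.
        return (boxed if boxed.exists() else self.real / rel).read_text()

    def write(self, rel, data):
        rel = self._checked(rel)
        target = (self.real if self._is_exempt(rel) else self.box) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(data)

    def discard(self):
        """Delete the sandbox copy, as happens when the last program exits."""
        shutil.rmtree(self.box, ignore_errors=True)


def demo():
    """Run a constructed scenario and report what each side ends up seeing."""
    with tempfile.TemporaryDirectory() as tmp:
        real, box = Path(tmp, "real"), Path(tmp, "box")
        (real / "docs").mkdir(parents=True)
        (real / "profile").mkdir()
        (real / "docs" / "report.txt").write_text("original")
        (real / "secret.txt").write_text("private data")
        (real / "profile" / "bookmarks.txt").write_text("old")

        sb = WriteRedirectBox(real, box, passthrough=["profile"])
        sb.write("docs/report.txt", "tampered")      # redirected to the copy
        sb.write("profile/bookmarks.txt", "new")     # exempt: hits the real file
        inside_view = sb.read("docs/report.txt")
        read_outside = sb.read("secret.txt")         # reads are not blocked
        sb.discard()
        return {
            "inside_view": inside_view,
            "real_after": (real / "docs" / "report.txt").read_text(),
            "read_outside": read_outside,
            "bookmarks_after": (real / "profile" / "bookmarks.txt").read_text(),
            "box_exists": box.exists(),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```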

So while it's not the purpose of Sandboxie to replace an anti-virus scanner it's a great tool to add another layer of protection. It takes some knowledge to configure it for individual purposes but once done, even less computer savvy users should not have a problem with it. So while the proof for that is still outstanding, I'll install it on a normob notebook soon 🙂

I love it how one gets from A to B on the web, I would never have heard of it would I not have blogged about the Wi-Fi WPA attack, if someone would not have commented and left a link and if someone else hadn't bothered to do a great podcast every week I listened to on my mobile phone during a long car trip. In this way, it is actually a mobile story after all.

Carnival of the Mobilists 158 over at the VoIP Survivor

This week, the Carnival of the Mobilists has stopped over at Tsahi Levent-Levi's blog, aka the VoIP survivor for an as usual impressive roundup of what's been happening in the mobile blogging sphere over the past week. To my great pleasure and surprise, my entry on the use of Wi-Fi in mobile devices has been voted for being the best post of the week. Thanks for that, I really appreciate it! So for all the best from the mobile blogging sphere, don't hesitate, head over and enjoy!

Wireless Repeaters in the Spa?

Yes, yes, one should go to a spa to relax but I couldn't help but notice that even in a spa there are interesting wireless things going on. Recently we went to the Linsberg spa near Vienna, newly opened a couple of months ago, a place that even the old Romans would have approved of. It's a bit outside the small village of Bad Erlach and one wouldn't expect great mobile coverage there. To my surprise, however, the ground level was well covered by all but one of the wireless networks by the antennas in sight over in the village. On the lower level, things looked a bit different, the concrete walls are probably too thick for signals to make it through.

Nevertheless, Mobilkom's GSM and UMTS networks were available with full signal strength while all other networks didn't quite make it through. Quite interesting so I had a closer look around. There is an antenna on the roof of the adjacent spa hotel so the good signal could come from there. Or it is those little boxes installed throughout the building with a "Mobilkom" sticker on it (see the pictures below)?

I can't be fully certain that those are 2G/3G repeater antennas but it pretty much looks like it. So it looks like Mobilkom has seen a business opportunity in specifically covering this location. I wonder if they are 'only' providing mobile coverage or if they are also providing the infrastructure for local communication, both fixed and mobile!?

I think it would make a lot of sense to be an end-to-end telecom/Internet provider for both employees and customers at such a place. You install your infrastructure once and get paid by several user groups. But that's all speculation on my part, of course. I think there's lots one could do with that. For example: Instead of installing a separate data infrastructure and Wi-Fi access points in the hotel for those that don't yet have a 3G USB modem one could rent out dongle docks such as the D100 to guests. Also, covering meeting rooms with Wi-Fi and backhauling it over 3G saves a lot of money as well.

So, if anyone from Mobilkom (or anyone else for this matter) is reading this and would like to comment, please do.

Repeater-1
Repeater-2

How To Secure The BarackBerry

Some sources have started speculating if the secret service lets President Barack Obama continue to use some sort of Blackberry. The latest speculations are that he might get a Sectra Edge, a ruggedized and secured Palm Treo 750. You can find the specs here but while they are interesting, they don't (of course?) go into the details of how things are secured in practice. Tomi Ahonen over at Communities dominate brands has a good post on possible angles of attacks. I think these are quite possible for someone with time, monetary resources and a couple of infiltrators. Tomi suggests a couple of countermeasures which I think are quite interesting and I've come up with some of my own while commuting today that I thought I'd share here:

Phone identification and targeting

The first thing that needs to be done is to ensure anonymity. Today, there are two IDs in GSM/UMTS systems that can be exploited if somebody knows them and can get access to the core of the mobile network to find out the current location of the phone up to the level of the radio tower. These IDs are the International Mobile Subscriber Identity (IMSI) on the SIM card and the International Mobile Equipment ID (IMEI) of the mobile phone itself. Knowledge of one of the two values can also be used by someone who has access to the core of the mobile network to intercept non end-to-end encrypted voice calls and Internet traffic.

To ensure anonymity these IDs should be changed at regular intervals. If I were the secret service I would get a large number of IMSIs of several network operators, get the SIM card vendor on board and devise a scheme to change the IMSI on the SIM card on a regular basis. Concerning the IMEI a changing random number would do.

Another thing I would do is to use the pool of IMSIs not only for the president but also give similar phones to his aides and other people in the government that need to communicate with him and others securely. This ensures encrypted communication. At the same time more than one IMSI of the pool is active, so it's fruitless to get hold of the IMSIs of the pool as the attacker still wouldn't know which one is currently used for the president's phone.

Changing IMSIs on a regular basis has one big disadvantage: Whenever an IMSI is used for the first time it is transmitted in clear over the network. In all subsequent communication establishment requests a changing temporary ID (the TMSI and the P-TMSI) is used. So an attacker could use this to try finding the president's phone by scanning the air interface for those rare IMSI-based connection establishments. In addition the scanner used would have to be near the location of the phone (i.e. in the same cell) and the attacker would need the list of IMSIs used for the purpose. A very remote possibility and the attacker could not do a lot with the info anyway. A countermeasure would be to have many such phones around the president (e.g. those of his aides) doing the same thing.

Outgoing Voice calls

Both network encrypted and end-to-end encrypted calls could be directly connected to the destination. However, I would put a gateway in the middle to which all calls are sent and which then forwards them over a secured link to a second gateway which brings it back into the public network again. This way the current phone number of the president linked to the IMSI could not be seen at the other end and could also not be traced by someone having access to the public network.

Incoming Voice calls

A bit more tricky as other persons don't know the president's current phone number. Again, a gateway would help which knows the current number of the president. It could be informed via an encrypted data connection by the phone itself of the current phone number (see below).

Getting to the Microphone and Camera

Every now and then one can find reports that hackers can get access to the microphone of a phone by giving it a secret hidden call. It might work or not with some public phones but not with one that was inspected by the NSA. Also, frequently changing IMSIs should prevent anyone from knowing which number to call.

GPS Positioning

By controlling the operating system itself and the applications that run on the smartphone it can be ensured that even if the phone has a GPS the coordinates are not smuggled out. Not a big issue here.

Internet connection

I'd only allow a "full tunnel" solution, i.e. everything goes through an encrypted tunnel to a gateway and only from there to the Internet. The tunnel termination on the network side must be well protected, of course, but I think the people working at Fort Meade know how to do that.

Smartphone viruses

With a customized OS version I would ensure that applications can't be installed and that all applications running on the phone have no hidden weaknesses and backdoors. Not trivial but I am sure it could be done with a tiny fraction of the NSA's budget.

E-Mail

The e-mail client must of course be able to use strong end-to-end authentication and encryption, and authentication and encryption for transmission to the server itself. Needless to say that the server should be well secured.

Web surfing

To prevent bad things in web pages harming the smartphone I would run all communications via a secured and monitored web proxy. No direct contact with the Internet for the web browser. Another benefit of the proxy is to anonymize the traffic.

And the rest

I'd block all other Internet traffic from or to the phone to ensure that the e-mail client and the web browser are the only applications that can communicate with the outside world. Also, I'd give the TCP/IP stack a very hard look to ensure no buffer overflows from malformed packets can cause any harm.

Lots of stuff to be done to secure such a phone, no question about that. But I guess the president of the United States is not the only person requiring airtight security so the cost can be split. Also I would be very surprised if a lot of this infrastructure is not already in place. Like all security measures, securing the BarackBerry is a cat and mouse game and not a one shot operation. I am sure the list above is far from complete. Further ideas?

Business Rationale Behind 12 Month Prepaid Data Offers

Previously, I reported that Vodafone UK is the third operator I know that has now started to offer a prepaid package for wireless broadband access that includes a gigabyte of traffic and is valid up to 12 months. When only looking at the 12 months, it would seem that this is rather a bad deal for the network operator or in other words, not a lot of revenue opportunity. However, I think quite the contrary is the case.

Let's take Austria for example: If you take a post paid contract for wireless Internet access from mobile network operator Three for example, 3 gigabytes per month are now available for 9 euros. Compared to that, the 15 to 20 euros others like A1 and Yesss charge for the one gigabyte per 12 months is only a fraction. So the 12 month offers are attractive for infrequent users and travelers who would otherwise not spend anything at all, as even the 9 euros is too much for them. So it is better to get that 15 to 20 euros revenue than not getting it at all. And by doing so, your margin is much higher compared to the contract offers.

I guess a lot of people taking the 12 month prepaid offer will not fully use the gigabyte so the bottom line is even better. And for those that do, they are likely to buy a top-up, thus increasing the revenue once again. A win-win situation in any case.

How Can LTE Reduce the Cost Per Bit?

Recently, a question was asked in the LTE forum on LinkedIn how LTE can reduce the cost per bit compared to today's broadband wireless systems such as HSPA. I found it quite interesting that a lot of people immediately jumped at the greater spectral efficiency as the means to reduce the overall cost. But I think there are also other innovations which will drive down cost:

  • There are no Radio Network Controllers (RNC) anymore, i.e. fewer network components
  • The backhaul network is radically different. While E-1/T-1 connections (cable, microwave) are still heavily used today, LTE will be rolled out with Ethernet over fiber / VDSL and microwave. Huge cost advantage here. It's not spectral efficiency operators worry about today, it's the rising E1/T1 backhaul costs.
  • In all fairness, it has to be said, that current HSPA networks are changing towards this as well in terms of backhaul and network element (e.g. one tunnel architecture) but it is not built in and the RNC is still required.
  • Another reason why LTE has a cost advantage over today's deployed networks is that technology has advanced and allows smaller base stations to be built which require less power, less space. These will be deployed from day 1 and in many cases will be put inside existing base station cabinets or mounted besides.
  • Also count in remote radio head technology that will probably be used heavily with LTE to drive the cost down.
  • In the mid- to long term, I think LTE access will be the catalyst to have multi radio base stations with a common Ethernet based backhaul thus also driving down the cost of 2G and 3G systems to some extent that will remain in place for the time to come.

Anything else you can think of?

Lots of Wi-Fi in Smartphones These Days

When Nokia started to put Wi-Fi into smartphones about three years ago they were pretty much the only company doing that and they were looked at suspiciously by both the competition and network carriers. At the time a lot of people said they were not sure if Nokia would prevail with their strategy and that carriers would strongly oppose such phones.

If you look at the market these days I think it has prevailed quite well. All Nokia N-series phones have Wi-Fi built in and virtually all competing mobile device vendors have followed their lead. Apple has it, HTC has it, RIM now has BlackBerries with Wi-Fi and even Sony Ericsson has now started to put Wi-Fi into their camera feature phones (e.g. the new C905).

The way I see it, Nokia has made good use of their first mover advantage and currently offers the widest range of services over Wi-Fi. Here's how I use the built in Wi-Fi in my N95:

  • Mobile web browsing (the number one application for every Wi-Fi enabled phone I guess), both the built in browser do a great job for surfing the web in general, using Google Reader for my RSS feeds, mobile banking, etc.
  • My second killer application: VoIP telephony with the built in SIP client. I guess Nokia is the only company that has so far integrated a full VoIP client in their software. It's fully automatic. When I get home, the N95 senses my home Wi-Fi and automatically connects. It's fully replaced my landline cordless phone by now.
  • Automated podcast download: The podcasting application runs in the background and automatically downloads the latest podcasts when they appear. A very nice application and I've configured it in a way to only do it over Wi-Fi but not over cellular.
  • Mobile Web Server: Very cool application to access my phone's address book, calendar, camera etc. via my notebook's web browser. Here are some more details in case you never heard about it before.
  • Picture upload to Flickr: When I travel to countries in which I only have an expensive mobile data subscription I rather wait to upload pictures to Flickr until I reach the cover of a Wi-Fi network. Shozu does a good job here with queuing pictures marked for upload and automatically sending them when a configured network becomes available.
  • e-mail: When at home, my e-mail client (Profimail) uses the Wi-Fi instead of the cellular connection. Very convenient and cost saving.
  • When I am traveling, I have my dongle dock with me and instead of communicating with the 3G network directly, most applications use Wi-Fi to the dongle dock which then sends out the data via 3G. Helps to save cost because in many countries data over data-only SIMs is much cheaper than a data add-on to a SIM card with a decent voice tariff.
  • Some people use the 3G connectivity and the Wi-Fi as a Wi-Fi bridge for other devices. I prefer my dongle dock but I am sure such a solution appeals as well.

To see how the competition has reacted in the meantime here's a question to those with a non-Nokia smartphone: Which applications does your device offer today and which of those do you use?