By Simon Woodhead & Peter Farmer
We discussed last week what we’d like to see from the Narrowband Review. Less than 24 hours later Ofcom published its Wholesale Voice Markets Review 2021-2026. This is important and going to govern our industry for the next 5 years, and arguably reshape it forever.
Rather than brain-dump all our reactions (there are many) here, or indeed simply share our response, which by nature will be somewhat legalistic, we wanted instead to serialise a few points in plain English.
Our response will obviously feature these, so if they resonate with you and you think they matter, we would encourage you to respond to the consultation. You are very welcome to cite Simwood, this blog, or our formal response if it helps.
If you missed them, see Part 2 – CP Status – we need a new one!, Part 3 – What the hell is IPX?, Part 4 – BT’s unchecked monopoly in porting and Part 5 – A prime opportunity to improve porting?
We were pleased to see this review recognises VoIP as likely to catch on. In fact, in what you could call BT’s business plan, it deals with the migration of the BT network to IP by 1st April 2025. Whilst that is good in one sense, there’s a healthy dose of contradiction, oversight and hypocrisy in there which we need to call out. First out the door: Security.
HM Government recently banned Huawei’s use in UK 5G networks by 2027 with a 2-year target for fixed networks to be worked out, due to National Security and consumer privacy concerns. We applaud that and frankly, those of us who put customers ahead of profit don’t have any anyway. We’d argue that giving a full investment cycle to rid networks of this stuff is a cop out and allows them to realise a profit from these flawed decisions.
The extent of that is massive – in our conversations we’ve seen a price of £2k from Huawei for network equipment that’d cost £40k from another vendor. That is price paid, not list price. Thankfully, some large networks have taken the same stance as us, others have not and indeed one of Huawei’s biggest advocates has been BT. It is safe to assume this will be in their network, at least on the edge, until the deadline.
So enter Ofcom, who have decreed that it will allow industry to self-regulate technical standards, and have made no specific security stipulations by way of boundaries. On the contrary, in describing BT’s IP voice network, it affirms that one of the means by which BT can be interconnected with, is via the public Internet.
Whilst responsible networks like us will build out to POIs and exchange traffic over private direct connectivity, there is a huge incentive for resellers and cost-focussed networks to route over public Internet, avoiding the cost of any kind of private connection. Maybe the more modestly astute will connect privately backed up by the public Internet? Regardless, we expect a considerable amount of traffic to be exchanged over the public Internet at points in time.
By Ofcom’s figures this could amount to 200 billion minutes a year of UK fixed and mobile minutes, included in which is not only private individuals’ conversations with their bank, business calls, but equally the parliamentary estate and national agencies. Is Ofcom seriously advocating a path that’ll see the majority of this to be delivered over the public Internet, a public Internet where multiple providers may still have Huawei equipment, and indeed where the incumbent, BT, is a Huawei advocate?
“Ah”, I hear you cry, “but it can be encrypted.” Well that’d be nice and that is a drum we’ve banged for years. Encryption is not only not mandated but the BT IPX platform does not support encryption. So this traffic can be assured to be unencrypted heading to/from BT over IPX. Simwood customers, of course, can enjoy encryption and have done for years.
“Well, ok, but what about peering”. Good point. We’ve recently described our public edge and our private edge. Both of those use public IPs and indeed a public IP routed over a private connection such as we have with most IP counterparties is fine. Next best is public IPs routed over a mutually owned fabric such as LINX. Where we get concerned about public Internet is that traffic that has to traverse another network, a transit provider, or by definition potentially several. The largest transit operators are not UK owned and themselves are using unknown equipment and unknown underlying connectivity. So BT peers with everyone like Simwood does then? Well not exactly! In keeping with other entitled incumbents we understand they will only peer with networks passing 1Gb/s of traffic or more to/from them. Admittedly that isn’t much if your business is cat pictures and porn to BT customer eyeballs, but for enterprise access networks or those like us with predominantly voice traffic, it is a lot to send to a predominantly access network – 10,000 concurrent calls to be more exact. So yes, we can assume these operators using public IP will be hitting BT’s public edge over one or many transit providers.
“But this is all at the network level right?”. Oh indeed this is between one operator, be they an IP network in their own right or hosted elsewhere, and BT. The same issues are potentially present though on the leg from them to their end-user. I’m often heard quoting the CEO of a well established UK ITSP saying “encryption is pointless”, and indeed as a wholesale operator who both offers it and encourages its use, we have unique insight into how much it is used, or indeed not used. I’d suggest it is therefore highly likely (90%+) that calls are going to be unencrypted for their entire path and this is an area we think this proposed review naively overlooks.
Ok, so SS7 that this replaces isn’t encrypted either, but it is inherently more secure, at least as deployed in the UK fixed network. For one it requires point to point physical links that are a lot more difficult to intercept on an industrial scale.
BT will also be retiring its reseller WLR product which is the only alternative to either direct build of a network to a customer’s premises or use of LLU to use BT’s copper from a network that has built out. In this respect the review appears to conflate ‘IP networks’ with ‘broadband networks’, the strong implication being that all WLR replacement will be completely over-the-top of commodity broadband. We have our expectation that, free of competition in name from WLR, BT will solve this newly created problem as a USP, but on the face of it the country is going to be buying a lot of VoIP phones and ATAs! This is a dramatic contrast to using IP from the cabinet by way of an ATA built into a DSLAM, and presenting the customer with a dedicated phone socket and handling voice distinctly in the network. I’m ok if that has been reasoned and decided but I just don’t believe it has. What does this mean for security? Well it extends that unencrypted call leg to the domestic or business network – yes, potentially any old pedophile can play with himself listening to your children’s phone calls over your insecure WiFi from the house down the road or the street outside. Vile I know, but I’m not here to make this sound palatable – this is serious stuff!
This just is not acceptable! What works for early adopters of a technology is dramatically different to that for people who simply don’t understand it at a technical level. I include in this category both little old ladies and many of those who sell WLR! Security and privacy has to be baked in here and not as an upsell.
Interestingly, the word ‘encrypt’ (and implicitly ‘encryption’) appears 0 times in the review. ‘Privacy’ is similarly absent, whilst ‘security’ gets 2 mentions, one in the context of alarms and the other posing the question around standards; the answer makes no reference at all. Meanwhile ‘BT’ makes 543 appearances, and ‘cost’ 318! ‘BT’ and ‘cost’ appear on the same line 59 times. There’s only 7,338 lines in the whole document (including page numbers etc. as a line) and 59 of them have ‘BT’ and ‘cost’ on them – that is 0.8%. A pointless fact or does it speak volumes? You choose.
More formally, Section 105A(1) of the Communications Act 2003 should mean operators take appropriate precautions. It states:
Network providers and service providers must take technical and organisational measures appropriately to manage the risks to the security of public electronic communications networks and public electronic communications services.
Seventeen years after that Act came into force (ok, the astute will note that section was dropped in by amending legislation in 2011, so nine years), not only is the largest operator unable to support encryption but it is architecting access to itself over IP, assisted by its policies, to force such traffic over the public Internet. And the regulator doesn’t appear to be paying attention to these issues, as the entire PSTN moves to IP over a period that’ll extend fifteen years beyond Parliament giving due prominence to security?. Seriously?
For the record, the Ribbon platform we understand IPX is based on absolutely supports encryption. As to why it doesn’t appear to be extended into the BT product set is not known to us. Perhaps the economics of it don’t stack up for BT? This is what regulators and reviews such as this are here to overrule in the interests of the UK as a whole.
It isn’t like we’ve not had warning signs of this moral hazard either. The topology of the IPX platform hasn’t materially changed from what we have seen in recent years yet in 2016 Telehouse North sneezed and the UK PSTN caught a cold. My recollection is that there was a partial power outage which affected public Internet access to IPX and whilst BT had alternative ingress in Sovereign House, they had insufficient capacity and thus the platform was effectively down for anyone accessing over public Internet. That wasn’t one or two small resellers, it was major networks and small ones alike. In fact I remember fondly an observer tweeting that Simwood seemed to be one of the few telcos left standing, an observation stemming from the fact that we could still reach all of BT (and vice versa) over SS7. Maybe they’ve addressed that now, but if it is by throwing a certain high-risk vendor at the problem, are we any further forwards?
What we have here is the Government saying that Huawei is a high risk vendor considered too close to the Chinese government to guarantee the security and safety of the United Kingdom, whilst over almost the exact period they get to remain in networks, the Government, via its agency, is creating an environment where 200 billion minutes a year could traverse their equipment.
Even taking Huawei out of the equation this traffic is potentially exposed to more interception, by traversing the public Internet unencrypted. Ofcom are trusting operators to do the right but harder thing, when history tells us the seduction of cost-cutting may cause their eyes to wander from the all important ball.
We call for urgent consideration of the security issues around IP interconnection, and a mechanism by which encryption and/or physical interconnection are mandatory. We believe that the foundations were laid by Section 105A of the Communications Act 2003; the regulatory effort in procuring the outcome Parliament intended with that provision is not huge. Nor will there be a significant burden on the industry – those that have taken it seriously already have little or nothing to do in response; for those that it’ll come like a bucket of ice water of the head, well, it’s not as if it couldn’t be seen coming a country mile away.
Next time we’ll discuss what does and should constitute an operator, as things have got very confused there!
