Showing posts with label Authentication and Security. Show all posts

Monday, 21 August 2023

'Story of the Edge' by Akamai

People share some useful stuff on social networks that I bookmark to visit and write about later. This was shared by John Francis Nolan nine months back or so. I have just managed to watch it and it is definitely worth a share here.

Prof. Ramesh K. Sitaraman is currently a Distinguished University Professor and the Associate Dean for Educational Programs and Teaching in the College of Information and Computer Sciences at the University of Massachusetts at Amherst.  He is best known for pioneering content delivery networks (CDNs) and edge computing services that currently deliver much of the world’s web, videos, edge applications, and online services. As a principal architect, he helped create the Akamai network, the world’s first major content delivery network (CDN) and edge computing service. He retains a part-time role as Akamai’s Chief Consulting Scientist. 

Late last year he delivered a talk 'Living on the Edge for a Quarter Century: An Akamai Retrospective' on The Networking Channel. The following is the abstract of the talk:

As Akamai and the creation of the “edge” turn 25, we look back at the key role that the edge has played in the evolution of internet services. The story of the edge starts in the late 1990s when servers were deployed worldwide to provide content delivery services for web pages and videos. The quest to move dynamic content and application logic closer to users created the first edge computing services a few years later. The growth of the edge that now spans thousands of locations has dramatically increased the scope and importance of services that critically rely on it. This has created new challenges in operating the edge at scale and securing it from sophisticated attacks. Further, as the carbon footprint of the edge grows rapidly, reimagining a sustainable “zero-carbon” edge that is powered by renewable energy poses a key direction for future research.

His talk is embedded below and the PDF copy of his presentation is available here.

You can view the author's publication page here.


Wednesday, 2 October 2019

4G LTE Man In The Middle Attacks With A Hacked Small Cells


Here is an interesting talk from the recent HITBSecConf by Xiaodong Zou. HITBSecConf, or the Hack In The Box Security Conference, is an annual must-attend event in the calendars of security researchers and professionals around the world. Held annually in Kuala Lumpur, Malaysia and Amsterdam in The Netherlands, HITBSecConf is a platform for the discussion and dissemination of next-generation computer security issues.

From the talk narrative:

Femtocells offer a user the ability to have a small base station located within their house or other area. These small base stations provide access to the core telecom network where poor reception from an eNodeB would normally prevent consistent coverage. Femtocells have been standardized in LTE since release 8, and are referred to as Home eNodeB, or HeNB. HeNBs are mandated to have an IPsec connection back to a security gateway (SeGW) to protect traffic flowing into and out of a Mobile Network Operator (MNO)’s core network.

If the HeNB is within the physical possession of an attacker, this provides unlimited time to identify a flaw on the HeNB. A compromised HeNB can be used in a manner similar to a rogue base station, but will also provide the attacker access to clear text traffic before it is sent back to the core network. There are more than ten different types of HeNBs deployed in China. Ericsson ENC-nRBS01B40 is one of them – a TD-LTE base station working on band B40.

In this talk, we will cover:

1.) How to root a 4G LTE femtocell.
2.) How to make the femtocell portable.
3.) How to perform man-in-the-middle attack with the femtocell.
4.) Show the prototype of Hacking Box of S1 Interface (HBoS)

Slides and video embedded below:







Monday, 10 November 2014

Small Cells and/or WiFi - The confusion continues...

It's been an interesting last few weeks. Depending on which report you read, you will either come to the conclusion that 'WiFi will be killing off Small Cells' or 'Small Cells will be killing off WiFi'.

First there was this report that "You might not need a mobile carrier by 2020". It makes this bold statement: "In Europe, many cell phone owners have already ditched their wireless carrier. But Wi-Fi isn't quite widespread or robust enough for most Americans to completely ditch their wireless carrier just yet." In all honesty, I have never come across anyone that has ditched their mobile network operator and now relies entirely on Wi-Fi. I certainly know of people who now don't even bother switching on their WiFi because their cellular coverage is extremely good and they have flat pricing.

Joe Madden, a respected analyst of small cells, recently said the following: "Even if we exclude homespot deployments, the number of Wi-Fi access points will reach the level of millions for cable operators and public venues during 2015, outstripping the capacity of new LTE base stations. Several large mobile operators have made a gigantic blunder, by ignoring the opportunity to deploy Wi-Fi or utilize Hotspot 2.0 – so cable operators and other service providers are jumping on the opportunity. Homespots add another dimension, with massive crowdsourcing of capacity. The total Wi-Fi capacity deployed by service providers worldwide could match the 'data tsunami' in terms of raw capacity over the next five years, although of course there are obvious limitations in mobility and QoS."

While you may be thinking Wi-Fi '1' and Small Cells '0', a thing to remember is that WiFi still has some way to go to sort out the security stuff. This article highlights how easy it is to spoof a WiFi AP, the one you have trusted in the past, and easily access personal info. I strongly suggest that you read this article. One may argue that with HS2.0 and other new security mechanisms these problems will vanish. One has to remember though that since WiFi uses unlicensed bands, and since the technology has been around for ages, it's easy to get cheap equipment and it may not exactly be illegal to have equipment running in this band.

Cellular, on the other hand, relies on licensed spectrum and has a very strong authentication mechanism which may get around such basic insecurity issues (though to some extent this can be hacked, depending on operator policies on the UICC/SIM card).

Dr. Kim Larsen recently did a presentation where he looked at the economics of Small Cell and WiFi and in what situations both of these make sense. His presentation is embedded below.



Some thoughts from Kim on his presentation on Twitter:

  • Most Smartphone based WiFi traffic happens at Home, believing this traffic is offloaded is rather foolish!
  • WiFi...Why & When to care (at least when you are a mobile operator)
  • Why do we like WiFi so much & why cellular have so many challenges matching consumer expectations!
  • WiFi has the consumer perception of being 1 Fast, 2 Almost Free & 3 Unlimited...Brilliant Branding!
  • Mobile Operator WiFi off-loading strategies should consider mitigating potential & substantial cellular revenue loss!
  • When WiFi makes the most sense for a Mobile Operator; 
    1. Cellular expansion options have been exhausted!
    2. you control fixed & mobile sides of the customer experience & value chain! 
    3. Competitive Pressures .. ultimately is likely to be a loss-loss scenario!

Thursday, 31 July 2014

Wi-Fi and Cellular: Authentication & Security


While in the past WiFi was considered not as secure as its cellular counterpart, things have been changing slowly and steadily. While cellular is able to offer authentication using EPS-AKA, Wi-Fi is now able to offer EAP-AKA and EAP-SIM.

In fact the above table is quite interesting to know about. Recently I was following a discussion that talked about the lack of QoS support in WiFi. As we can see, it's supported but not guaranteed.


Devices that contain the USIM card can use EAP-AKA while those without one can offer EAP-SIM. EAP-AKA works in a similar way to the cellular authentication protocol EPS-AKA. For anyone who is interested in reading more details about the authentication and how it works, including signalling, see this whitepaper here.

If you haven't seen our whitepaper on Cellular and WiFi integration, please check it out here.