Introduction

In 1876, Alexander Graham Bell patented the telephone and envisioned telephony s eventual triumph over the dominant communications network of his day: the telegraph network. Over the past decade, similar pronouncements have been made about VoIP and the Public Switched Telephone Network (PSTN) as IP-based communication becomes more pervasive. In both cases, the overall prediction has proven correct, even if the path for each was far more gradual and the result more integrated than originally anticipated. Case in point: Western Union (as a unit of First Data Corp.) did not discontinue its telegram service in the United States until January 27, 2006, even as numerous phone-to-telegram and web-to-telegram gateways continue to operate in conjunction with telegraph, cable, telex, and radio messaging networks worldwide.

With that in mind, it s essential to include the PSTN and its associated risks when examining VoIP security. Don t forget that today s Internet hacking community can trace its roots directly to the phone phreak subculture of the 1970s that first broadly exposed and exploited weaknesses in switch signaling protocols. Ever since automated long-distance switches were introduced by AT&T in the 1950s, people have been trying to figure out ways to bypass the toll services and get voice services for free. And the first known instances of eavesdropping by phone predate even the Bell System itself. The PSTN has evolved considerably in recent years, but the addition of VoIP services also has created new and novel vulnerabilities for both data and voice.

PSTN: What Is It, and How...