Some Calling Number Display technical issues relating to privacy,
usage and security
Robin Whittle rw@firstpr.com.au
http://www.ozemail.com.au/~firstpr/cnd/
Written quickly on 26 November 1997 - as we await the finally crunch
in which Telstra should admit, or be forced to admit, that it has
not met the PAC requirements for public awareness/understanding.
Please let me know of your suggestions for improving this!
Here are a variety of technical aspects of CND which are not crucial
to the immediate debate in the next few days about its activation,
but of general interest in terms of privacy.
This is a minimal technical description - so that non-technical
readers can read over it and see where the shortcomings, security
(hackablitity) and other issues arise.
Points mentioned below include:
* CND is not displayable on analogue PABXs.
* CND initially will not display in a Call Waiting scenario.
* Call Waiting CND may not be reliable with more than one box on the
line.
* Calling Name Display - how Telstra will not be sending customer
names (at least at first) but will use it to display "Payphone"
and "Mobile" instead of a number.
* Not all boxes handle the Calling Number messages.
* CND boxes which can dial the stored number typically do so without
a prefix, such as for CND display / don't display.
* CND displayable numbers from calls originating from PABXs and
hunt-groups (business phone installations) may bear no resemblance
to the actual caller's number and may not even lead to a number
which will be answered.
* Taxonomy of the various networks and what they are doing with CND.
* Taxonomy of the various forms of connection to the Telstra
analogue network and what they are doing with sending and
displaying CND. Good privacy news here - analogue PABXs can't
display CND.
Its a complete dog's breakfast, and in order to understand the human
implications of this, some technical explanations are necessary.
You may well ask how this was planned. I am sure it wasn't. I have
had a lot to do with various aspects of Telstra over the years, so
its not an idle comment. Telstra is not so much an organisation as
a seething mass of humanity. Optus isn't far behind. Calling
Number Display is a can of worms from every perspective, not just
privacy and its impact on telephone usage. "Making life easier"
indeed!
Displaying CND on an analogue POTS line
=======================================
Within the telco industry, the main network of telephone exchanges
which connect to customers via analogue lines, is sometimes referred
to the Public Switched Telephone Network (PSTN). I won't use that
term, but keep in mind if someone is drawing distinctions between
CND in the PSTN and, for instance, GSM or ISDN.
The analogue fixed line type of CND display and calling is the most
significant, because of the majority of phone services are of this
type, but it is only one part of the bigger picture. For instance
there are quite a few ways PABXs interface with the network - and
the current analogue CND service does not allow display on these
analogue PABXs.
Looking solely at ordinary POTS (Plain Old Telephone Service)
services, here are the technical issues. I have today obtained from
the Telstra Tech Standards people (who I am old mates with in some
respects at least - having fought side to side with them regarding
the 1997 Telco Bill which was very nearly disastrous in terms of
technical standards) their documents on analogue Calling Number
Display.
The CND aspect of telecommunications is not covered by mandatory
technical standards, post July 97. Any device which connects to a
carrier's network has to conform to certain basic safety, network
integrity and electromagnetic compatibility standards (TS 002, TS
004 and the EMC Framework). There are no mandatory standards for
Customer Equipment which displays CND. Prior to July 1997, this was
a mandatory area, and consequently, AUSTEL WG 2/1 worked hard to
produce a standard - AUSTEL TS 030 - which is still available from
Standards Australia. TS 030 has no legal force any more. I was
part of WG 2/1 for this and other work.
TS 030 was an Australian adaptation of the so-called US Bellcore
standards, with a nod to the European ETSI standard. Adaptation was
required since these documents were incomplete, technically
inadequate and/or unsuitable for Australian ring timings and voltage
and impedance standards.
Now Telstra has produced a series of its own technical documents,
which constitute guidance on making CND display units - or the CND
display function within a telephone or other CE (Customer
Equipment). Email Merv Sewell at <MSewell@vcrpcsd1.telstra.com.au>
and he will be able to email you a set of Word documents - which I
think are well written and informative.
It seems that Telstra cannot stop the sale of CND boxes which fail
to meet its technical requirements. Any CND or other CE which fails
to meet TS 002, TS 004 or the EMC Framework, can be sold - but only
with a "Non-Complying" sticker - which I think is the old AUSTEL
triangle with a circle and a cross through it.
It seems that CND boxes manufactured for the US market, and produced
for $10 in Taiwan will be sold here en-masse and that many of them
they will probably work OK. Buyer beware! Best to check with
Telstra before purchasing any particular box.
Also, some US modems are capable of receiving CND modem tones - so
these are already around, and could be hooked up to a phone line
(not to answer the call) to get the number, and feed it to a
database or reverse directory program while the phone is still
ringing.
POTS Calling Number and Name Display, and Message Waiting
=========================================================
This discussion relates to the idea of a separate CND box, but it
could also be a function within a modem or most likely a CND
function within a phone or perhaps within a "key system" - a multi-
line "Commander" like phone system (which is not a PABX).
The boxes perform three functions:
A - Displaying a number or a reason for the number not being
displayed.
B - Displaying a name or a reason for the number not being
displayed.
For both the above, time and date information is usually attached.
Therefore the times and date come from the telephone line, not an
internal clock in the CND display box.
C - Displaying a "Visual Message Wait Indication" LED or similar.
(CND boxes may also have a facility for dialling the numbers stored
from previous incoming calls. In most cases these apparently do not
allow any prefixes to be added. Of course this relies on the number
being sent to the box in a form suitable for dialling - with STD
codes where needed etc. That should be OK. However due to issues
discussed below, related to calls from PABXs and hunt-groups, the
number displayed is not necessarily one that will be a valid one to
ring, or to reach the original caller on.)
Calling Number
--------------
In A above, there are various options for the number being sent by
the network to the phone - with or without STD prefixes. These are
carried in the "Calling Number" field of the message the CND box
gets from the network.
If no number is sent, then there are two options for why it is not.
These are carried in a separate field called "Reason for Absence of
Number":
O = Out of area. Telstra recommends the box display: "Unavailable"
This would be when the call comes from somewhere that was not
capable of providing the number, or was not capable of
providing a valid CND display/don't-display bit.
What the box actually displays could be anything, such as
"Out of Area" or who knows what else.
P = Private. Telstra recommends the box display: "Private".
This is when the local exchange knows the caller's number
but the CND display flag is set to "don't display".
What the box displays could be anything, but it is quite
likely to be "Private". Some in the UK apparently show:
"Blocked" - which I consider to be prejudicial to privacy.
(CND in the UK and in European countries is technically
somewhat different from the US model we are following, so
its unlikely we will get these boxes here.)
However, see below on numbers from payphones and mobiles which do
not have displayable numbers.
Name Display
------------
Calling Name display is not a function that Telstra is planning on
implementing as far as I know. However, they are going to be
sending "Name" messages to convey the text "Payphone" and "Mobile".
The Name text is in its own field within the message and can be
arbitrary ASCII text - upper and lower case, up to 15 perhaps (which
isn't very many) but perhaps longer in the future. This 15 is a
limitation stated by Telstra. How long a name the display box can
store and display is another matter.
As with numbers, there can be all sorts of messy things with boxes
not remembering/displaying the full set of longer numbers or names.
If a name is not sent, then a separate field carries the "Reason for
Absence of Name, which can be "O", or "P" with the same meanings as
listed above for Reason for Absence of Number.
If there was a name service, how Telstra would assign the names, and
compress them into 15 characters, is anyone's guess. I understand
that in entrepreneurial Hong Kong, hundreds of thousands of dollars
have been raised by *auctioning* the popular names!
Both name and number can be sent in the one CND message - how the
box displays this is another matter.
The two uses of the Name function are to indicate that there is no
number because the call is from a payphone or from an (analogue)
mobile phone. In the latter case, since the analogue mobiles can't
handle prefixes, they are never going to make calls with displayable
numbers. In the former case, Telstra does not want to reveal the
phone numbers of its payphones. However payphones which are not
Telstra's (eg. those in hotels etc.) are just ordinary phones as far
as Telstra is concerned, and so will be making calls with
displayable numbers (unless their owners opt-out per line, or the
caller dials the 1831 prefix).
"Payphone" and "Mobile" are the two "Calling Names" which Telstra's
exchanges will send to the CND box, in lieu of numbers and (I think)
in lieu of using "O" or "P" for "Reason for Absence of Calling
Number".
The boxes should display and store this text verbatim, so as long as
the box handles names, then this will show up. I think there are
quite a few boxes from the US which don't handle names - so they may
display nothing when they receive a CND message with no number, no
reason for absence of number and only a "name".
The "Visual Message Wait Indication" - VMWI - has nothing whatsoever
to do with Calling Number Display, or with any phone call.
It is a means by which the box can have an LED or a section of its
LCD (Liquid Crystal Display) to indicate that the customer has one
or more messages waiting in their voice mail system. The customer's
voice mail is handled by some special equipment attached to the
exchange. The customer does not want to call it every half hour to
see if there is a voice message for them (for instance one could
have arrived when they were out and did not answer the phone, or
while they were on the phone). One approach is to provide a
stuttering dial-tone to tell the customer there is a message waiting
for them. Another is to provide that stutter dial-tone and have a
box automatically pick up the line periodically, analyse the sound
of the dial-tone and turn a LED on or off accordingly - messy!
This VMWI works by the exchange sending a specific message,
unlrelated to CND, to the box while the phone line is idle - ie. "On
Hook". This is done without any ringing of the bell. The message
simply tells the box to turn its VMWI indicator on or off. VMWI has
no privacy implications I can think of.
Modes 1, 2, 3 and 4
===================
Now . . . . there are four potential modes in which all the above
can happen, only two of which are of interest:
Mode 1 After the first ringing signal and before the second.
Mode 2 Just before the first ringing signal.
Mode 3 With the phone on-hook, and without ringing the bell and
therefore without any association with any call.
Mode 4 While the phone is in use - "Off-Hook". (Call waiting!)
Mode 1 is the main CND mode. This is used for both Name and Number
display.
Mode 2 is not going to be generated by Telstra's exchanges.
Mode 3 is only going to be used for VMWI - and that is something for
the future.
Mode 4 is for providing Name and/or Number - but only in a call
waiting scenario.
Now looking at Modes 1 and 4 in more detail.
Mode 1
------
In Mode 1, the line is controlled by the exchange - this is before
the phone is picked up and before the caller can send sound to the
receiving line. Therefore this information is unhackable by the
caller (except in that they may do things to their ISDN PABX
configuration to cause some screwy number to be sent as the calling
number).
The normal ring cadence in Australia is:
0.4 sec ON
0.2 sec OFF
0.4 sec ON
2.0 sec OFF
With CND in Mode 1 the phone rings once, for between 0.2 and 0.65
seconds, then there is a period of a few seconds (5.5 absolute max,
but more likely 2 or 3 seconds) when various modem tones are sent by
the exchange to the CND box(es), then the normal ring-ring ringing
cadence continues. This can be combined with the distinctive ring
cadences with different timings - which are part of some Telstra
services regarding calls from particular numbers, or having an
automatic switch between a phone and a fax machine on the one
physical line, but each with a different phone number.
In that 2 or 3 second gap, there is a silent period, some
synchronisation tones, then the 1200 baud (Bell 202) tones which
carry the CND message. (These modem tones are pretty simple, just
1200 Hz for a One and 2200 Hz for a Zero.)
The time depends somewhat on the length of the message. Then there
is a silent period before the 90 volt ringing signals start again.
If someone picks up the phone while the CND modem tones are being
received, this should cause the CND box to discard this message.
Therefore customers wanting to use CND have to let the phone ring
once, wait, and not pick it up until it starts to ring a second
time.
The format of the CND message is in the technical doco from Telstra
- and is the same as the Bellcore US spec as far as I can tell.
There is a single 8 bit checksum at the end, as a means of detecting
most, but not all, erroneous reception - so in most cases of
glitches, the box should see the bad checksum and discard the
message. (A checksum is the last byte sent - and is equal to the
sum of all previous bytes. The receiver adds all the bytes it
receives and compares it to what it interprets as the checksum. If
there is a difference, then there has definitely been an error -
however some errors could not be detected in this way, because the
byte seen as the checksum just might happen to be the value which
agrees with the total of the erroneous preceding bytes.)
The CND box(es) do *not* send signals back to the exchange in Mode
1. If there is a glitch which disrupts the reception of the message,
then there is no means for resending the message.
Mode 4 - Call Waiting
---------------------
The above is a full description of the main CND service - but not of
CND in a Call Waiting scenario. The system should be quite
reliable, assuming the boxes are sensitive enough. There are a few
technical issues with having a dozen or so boxes on the line - for
instance the current they may draw or other potentially nasty
problems, but in general these do not present operational problems
unless the box is truly sub-standard (which is quite possible, and
entirely the customer's responsibility - although they probably have
no way of knowing this).
Now, the matter of CND in a Call Waiting situation. Telstra does
not plan to introduce this immediately - I was told mid 1998
perhaps. However it raises some real operational and "security"
issues. The fact that the box can receive Mode 4 (and not all will
be able to do so, unless they really do meet Telstra's spec) means
that a malicious caller can put whatever messages they like into the
box, under certain conditions. Those messages would be
indistinguishable to the customer, unless perhaps they instructed
him or her to call the Prime Minister, God or the name contained a
threat or an insult.
In ordinary operation, with a single CND box, there is no problem. A
call in progress (either a received call or an outgoing call) is
interrupted by an incoming call. The customer puts the first call
on hold, a tone is sent by the exchange to tell the customer that
there is about to be a CND message. Then another tone is sent to
tell the CND box that a CND message is about to arrive. At this
point, the "box" should cut off the audio path to and from the
customer's hand-set - to stop them hearing the warblng modem tones,
and most importantly to stop noise from their microphone being mixed
with the modem tones and therefore disrupting the CND box's
reception of them.
When the CND box is part of the phone, or key-system, that's easy to
achieve. Its not easy if it is a standalone box. This could be
achieved by plugging the phone into a switched outlet of the CND
box. Without this switching, customers should remain quiet during
the modem tones, and probably would hold the earpiece away from
their ear, since they could be reasonably loud.
(Normally corrupted reception would be detected by the CND box
recognising the received checksum is different from the checksum it
calculated from the rest of the message it received. However, since
it is only an 8 bit checksum, with 256 possible values, in a
fraction of a percent of cases corrupt reception would not be
detected - so a garbled number and/or name might be displayed.)
After the CND box has cut off the audio path to and from the
customer's handset, it should send a tone back to the exchange to
confirm that there is a CND box ready to receive the message. This
is the "Acknowledge" signal - a brief (0.06 second) burst of DTMF
tone dial tone - either for the "A" or the "D" digits (which are a
part of DTMF, but not normally buttons on phones). Which one to
send depends on whether the CND box is an "ADSI" compatible box or
not. Now what's ADSI???? I think I knew, once - its something to
do with a whole raft of other functions for displaying arbitrary
messages and doing other complex user interface things - none of
which have anything to do with Telstra's plans for CND.
If the exchange gets this Acknowledge tone, then it sends the silent
period, synchronisation tones, modem tones and silent period as for
Mode 1 - with the same message format for Number and/or Name, with
reasons for absence of either or both, and with the time and date.
If the exchange does not receive an Acknowledge signal, then it
doesn't send the CND message and I think it would carry on with the
normal call-waiting procedures for switching in the new call. (The
CND box's audio muting would time out.)
There are two serious operational / security issues here.
Problems with multiple CND boxes in Mode 4
------------------------------------------
Firstly, it cannot be guaranteed that if the customer has two or
more CND boxes on the one line, that the exchange will recognise the
Acknowledge signals they both generate. It is conceivable that the
pairs of sine-waves which make up each DTMF tone pair, are actually
out of phase on one box, with respect to the other. This means the
completely or partially cancel out and therefore would not be
recognised by the exchange, causing it to abort from the CND message
sending procedure. This could be work OK most of the time, and fail
a few percent or the time.
As the internal timings of the boxes change, they may work together
or null each other out. Having 3 or more boxes probably reduces the
chances of complete cancellation - but it would still be unreliable.
Also, what if some boxes are "ADSI" and some aren't? Some would be
sending the "A" tone pair (697 and 1633 Hz) and some would be
sending the "D" tone pair (941 Hz and 1633 Hz). If this caused the
exchange to not recognise one or the other, then the CND message
would not be sent. Customers who bought such boxes and plugged them
into the line would be responsible for Telstra's costs in
investigating the problem - and if I am only vaguely aware of what
ADSI is, how is the average consumer going to know to buy CND boxes
of the same ADSI type???
Secondly, while Mode 1 cannot be hacked (it only happens after
ringing voltages - 90 volts AC which only the exchange can generate)
this Mode 4 CND message system works purely with audio tones which
ostensibly come from the exchange. In fact, there is no way the box
or the customer can be sure that the tones are coming from the
exchange (and therefore contain a real CND message) - they could be
generated by the other party to the call (for instance a hacker).
Therefore, a hacker (perhaps with a modem or some PC software I
could cook up in a few hours) could generate modem tones which the
CND box recognises as one or more valid messages.
These messages could contain any number, any name (including rather
long messages), any time and date and potentially any other things
the box was capable of receiving.
Multiple messages could be sent - one every few seconds. This could
overflow the CND box's memory - removing records of all recent
genuine calls.
This is probably not a problem in a real call-waiting situation
because the customer would realise that one or more spurious
messages arrived at that time. The danger is when people have a
Mode 4 capable CND box on their line, with an answering machine.
The hacker can call the number, wait for the answering machine to
answer, send the tones and leave arbitrary messages. These could
take place after the machine has stopped recording. I have heard of
such hacking of CND boxes in the US a few years ago. I can't
remember the details, but people got misleading and offensive
messages in the names and false numbers, times and dates when they
came home and checked their CND boxes.
Taxonomy of networks
====================
This is a rough guide to the various networks which make up
Australia's phone system. Its not complete, nor authoritative, but
its a guide to the ensuing CND shemozzle.
Ultimately, all these networks (they are all made with modern
digital exchanges and they all communicate with CCS7) will be
connected properly, and each carrier will trust both the CND number
(name later?) time and date and most importantly the validity of the
"Display the Number" flag in every CCS7 call setup message the get
from other carriers' networks. These messages, with the CND number
and "Display the Number" flag have been part of CCS7 since its
inception at least 8 year ago.
Analogue - POTS, key-systems and PABXs
--------------------------------------
Telstra's analogue, fixed line, phone network - for POTS phones
services and for a variety of PABX connections, plus a PABX
connection called Siteline.
CND Display is generally only available on POTS phones and
key-systems (Commander etc.) - as described below in the taxonomy
of analogue phone systems.
Phone services of all kinds, POTS, key-systems, PABXs etc. will
be generating calls with displayable numbers, unless the line is
"silent" (and only residential lines are "silent" - no business
line, including unlisted business numbers and extra residential
lines for fax etc, are regarded as "silent") or unless the
customer has opted out per-line or per-call.
In the case of PABXs, and various other multi-line commercial
services, there could be differences between the displayed number
and the number of the caller. More on this below.
Telstra's Analogue Mobile network
---------------------------------
This carries both Telstra and Optus analogue mobile calls.
Analogue mobile phones are incapable of displaying CND and since
they are apparently (I don't know why) incapable of handling
display / don't display prefixes, it has long been decided that
calls from analogue mobiles will not be recognised has having
a valid "display / don't display" flag in the messages sent
between exchanges, and that therefore their number will never
be displayed on a CND box. When an analogue mobile caller calls
a Telstra POTS CND service, Telstra will probably send the text
"Mobile" in the Name field of the CND message - and no number.
What happens when an analogue mobile calls a GSM (digital) mobile
or an ISDN service . . . who knows? Probably no displayable
number and an "O" flag in the reason for no number field, which
may result in a displayed message such as "Out of Area". Or maybe
the name "Mobile" will be sent.
Telstra's GSM Mobile network
----------------------------
As far as I know, this will display and send numbers within
itself, and according to Telstra's plan, to and from the
analogue fixed network and the ISDN networks.
Over time, when Optus and Vodafone improve the way in which
their networks interface between Telstra's there will be
interworking between these and all the other networks.
What information and opt-out procedure has Telstra given
its GSM customers?
I presume the GSM standards (apparently they occupy at least
a metre of shelf space) cope with Calling Name display as well.
I haven't head of proposals to actually start displaying callers
names, but who knows. I understand that some GSM phones can be
configured by the user to associate particular numbers with the
names of people - names they key in. So particular caller
numbers might cause these names to be displayed instead.
Telstra's *Overlay* ISDN network
--------------------------------
ISDN is a digital way of connecting to the exchanges. The
exchanges carry phone calls in 64 kbit / second pipes - within
the exchange and between the exchanges. The exchanges also
talk to each other, to set-up and tear-down calls, using a
protocol and packet switched network (a little like the Internet,
but just for phone exchanges) called the CCS7 network.
An analogue phone service carries audio signals, ringing and
dialling signals to and from the customers site and the exchange
via analogue voltage variations on a single pair of wires.
ISDN, by one means or another, provides two or more 64 kbit
channels between the customer and the exchange, plus another
digital channel to the exchange to carry commands, related to
CCS7, for setting up and managing calls.
For instance one way of connecting to ISDN is "Basic Rate ISDN"
(BR-ISDN). This works over a standard pair of phone wires - if
they are in good shape and less than a few km long. It provides
two 64 k channels, plus a 16 kbps signalling channel for sending
and receiving information to set up calls, and to be notified of
incoming calls. Its very flexible, and each 64 kbit/sec channel
can handle a voice call or a "data" call.
The main advantage is that data calls between ISDN services
are the full 64 kbit sec - with special computer adaptors, rather
than modems, which are limited to 33.6 kbps.
ISDN services are generally more expensive and even local calls
are timed. They messages in the control channel (16 kbps in BR-
ISDN) can send commands to allow or disallow the display of the
caller's number. They also receive the CND messages.
You can't plug analogue phones into an ISDN service - but special
ISDN phones, or more likely computer interface cards or PABXs do
plug straight in, and these typically have CND software or
hardware built in.
A second form of ISDN connection is "Primary Rate ISDN" - 10, 20
or typically 30 channels of 64 kbit/sec plus a control channel
for managing all those calls. The same CND messages travel on
this control channel as for BR-ISDN. PR-ISDN is typically used
to connect to larger PABXs in banks, government departments or
for instance, the TIO. PR-ISDN is typically delivered via
two optical fibres.
The PABX connects to handset on the desks of users. They
typically do "CND" within the organisation, and some handsets
may be configured to display numbers from outside.
Telstra's "Overlay" network has been operational since about
1990. It consists of a number of Ericsson AXE exchanges, and
various data links and "B-Muxes" to connect BR-ISDN customers
in areas far removed from the relatively small number of
"Overlay" exchanges.
These Overlay ISDN exchanges, have always (or almost always)
supported CND on an opt out basis. Its called "CLIP" (Calling
Line Identification Presentation) and the per-call control of
whether the caller's number is displayed or not is called CLIR
(Calling Line Identification Restriction). CLIR is best done
by the handset or PABX sending special messages to Telstra's
ISDN exchange, but for reasons related to the special technical
"standards" used in the overlay network, this is not usually
practical. I can't remember what the situation is with prefixes
- I have the guff somewhere - but I think it is messy too.
I think there are not separate "display" and "don't display"
prefixes - but rather the one prefix which reverses whatever
the current status of the line is. This is damn stupid
programming on the part of Ericsson, but the price of a software
rewrite to change even something as seemingly trivial as this is
apparently prohibitive.
One way or another, most Overlay ISDN customers are generally
sending their number, and if equipped, displaying it - but
only within the Overlay network. I am not sure if they
pay for it or not - its in the price list, but I am not sure
if it is in fact charged for. "Line-block" is technically
possible, but I don't know how often it is used.
This has been going on for years - and callers are often
surprised when the ISDN customer they call knows their number.
This is because there are not a lot of display handsets - except
perhaps in the higher offices of the companies.
This happened well before the AUSTEL Privacy Inquiry started -
and AUSTEL turned a blind eye to it because it was already there
and because it was "only" business customers.
I don't accept that the privacy of businesses or of individuals
in their workplace should be given less consideration than that
of "residential" users - who are the same people, just at work.
There have been "glitches" in the past where a call from a
normal POTS service caused a number to be displayed on a
Overlay ISDN connected PABX. I know one definite case of this
occurring ca. 1992. More recently, I heard a similar thing
happened with a call to the TIO.
No doubt, Telstra is preparing to display the number of POTS,
GSM and On-Ramp ISDN callers on the Overlay ISDN network. It may
already be happening. What proportion of people on these PABXs
have CND capable handsets, I don't know - but it is bound to
grow.
Telstra's "On-Ramp" ISDN "network"
----------------------------------
Much as Telstra would like to pretend otherwise, On-Ramp ISDN
is not a separate network. It was activated early in 1997.
On-Ramp ISDN is BR-ISDN and PR-ISDN services but not with the
small set of "Overlay" exchanges. On-Ramp ISDN conforms to the
modern European ETSI standards and is provided from the
main Telstra network of Ericsson AXE and Alcatel System 12
exchanges which now comprise its main network. These are the
exchanges which provide all the analogue services - so On-Ramp
ISDN simply means a digital link to the exchange from the
customers site, rather than analogue POTS or PABX lines.
Its a scandal, but earlier this year, the Privacy Commissioner's
office bought Telstra's argument that On-Ramp was an extension
of the existing ISDN network (I wish I was at those meetings!)
and that because it was currently aimed at business customers
it would be OK to do CND on an opt-out basis - *without* any
reference to the PAC CND Report.
This should never have been allowed.
On-Ramp ISDN is intended to be a mass market product, although it
is a bit pricey now. OnRamp can be used to give 64 kbps access
to an Internet Service Provider while another channel can still
take ordinary phone calls - all with the existing wiring to
the home. A family with Internet-keen members would find this
most attractive.
Telstra has agreed (to the Privacy Commissioner's Office I think
and to me in an article for Australian Communications in
June 1997) that when On-Ramp is aimed at residential customers
then whatever guidelines apply for analogue POTS customers will
also apply to On-Ramp.
My understanding is that On-Ramp CND has interworked with
the Overlay ISDN network since its introduction.
No doubt, Telstra is preparing to display the number of POTS,
Overlay ISDN and GSM callers on On-Ramp ISDN services. It may
already be happening.
Telstra's DMS Centrex network
-----------------------------
In addition to the Overlay ISDN network, the main analogue / On-
Ramp "Future Mode of Operation" exchanges (its main phone
network) and the GSM and AMPS (analogue mobile) exchanges,
Telstra has some Nortel DMS-100 ISDN exchanges. These have been
around for a while, and I think they generally serve business
customers, via ISDN links (?), analogue lines and potentially
"Siteline" connections (discussed below).
These DMS exchanges have been retained because the provide the
"Centrex" services which can link offices all over the country
as if it was all on one PABX - without the need for a PABX
at all.
I don't know what the CND behaviour of these DMS exchanges is -
maybe they can't display because they have neither ordinary POTS
analogue lines or ISDN connections (perhaps they do have ISDN
connections). I imagine they will be by default generating
calls with displayable numbers - presumably the software in the
exchanges has been updated to handle the prefixes and to do
"line-block" like the AXEs and System 12s of Telstra's main
network.
(If you think this is complex - it is actually beautifully
elegant compared to the menagerie of 17+ different exchange
types which Telstra was running just a few years ago -
communicating via a mixture of analogue and digital
signalling techniques. The Future Mode of Operation is now
largely complete and has got rid of all the analogue exchanges
and simplified the main network to just 200 AXE and System 12
exchanges, the mobile exchanges, 20 System 12 inter-exchange
exchanges, the DMS-100s and special exchanges for International
and linking to other carriers.)
Telstra's and Optus' International connections
----------------------------------------------
These are separate exchanges, and I don't think that CND
will be sent or received for international calls for
the foreseeable future.
In principle it can be with any country that uses CCS7 signalling
- but there are technical compatibility issues, matters of
reliability and trust about the accuracy of the information.
Also, I expect there is some recognition of the privacy problems
of disclosing callers numbers internationally.
Optus' GSM network
------------------
Optus, I think, has been doing CND *for free* on an opt-out
basis for month or so - just within its GSM network.
The call it "Caller ID" - a misnomer which should be resisted.
They have a little form to fill at the back of their brochure:
"I would like to opt-out of the Optus Caller ID service."
This is a lot more user-friendly than Telstra's awkward
arrangements.
I think this means that your number is not sent, and nor do
you get CND numbers displayed. (GSM phones are generally
capable of displaying CND as a matter of course.)
I haven't investigated this at all - any further info?
Optus' HFC telephone network
----------------------------
Optus has a growing number of residential (and maybe a few
business) customers with phone lines connected to its Hybrid
Fibre Coaxial cable network. This pioneering system is now
working well and gaining customers. According to a report
in the Australian 25 November 1997, they are adding 1200
customers a week. Unfortunately, without number portability
this means the customers cannot keep their old numbers.
All customers are connected to large DMS-100 exchanges just
for the HFC systems. These are technically capable of displaying
CND according to the tech standards that Telstra has set
for its service. As far as the user is concerned, its
just an ordinary analogue phone service, although all sorts
of digital technology stands between their socket and the
remote exchange.
I haven't investigated, but I would expect Optus to provide
CND display here at some stage - and probably charge for it.
Whether these services send calls to Optus GSM with displayable
numbers or not, I don't know. I presume these exchanges would
be programmed to accept the 1831/1832 and/or *31* and *31#
prefixes.
Optus' DMS business ISDN network
--------------------------------
Optus has, since its inception, a network of DMS exchanges for
business customers. I think these generally connect with ISDN
to PABXs in the customer's premises. I don't know, but I would
expect these to be brought into CND displaying and receiving
over time as all the interoperability issues are sorted out
within Optus and with other carriers.
Vodafone's GSM network
----------------------
I heard they are doing opt-out CND within their own network -
for free I think.
Over time, I would expect this to be linked to all the other
carriers' networks, once the carriers trust the other carriers to
give them CCS7 call setup messages with reliable, valid CND
"display / don't display" flags.
Other carriers and Service Providers
------------------------------------
Some phone customers use the Telstra lines and exchanges, but are
not Telstra customers - they are the customers of another
company. I really don't know what the technical and
administrative arrangements are here regarding CND.
Last but not least, is Northgate Communications - the Californian
pay TV operator who is installing HFC in Ballarat and I think
Geelong. They had an HFC telephony trial, which may soon be a
service. Ultimately that would do CND in the standard analogue
way, since the HFC telephony interface units are designed to
replicate most or all of the standard POTS line functions.
Freecall numbers
----------------
I have no idea what is happening here! There are quite a few
variations - and in some cases they have been getting the
caller's number for years, at least as part of the billing
system. Even with a call made with CND display disabled,
they would still get whatever they are getting at present.
What might change is their ability to get the information
at the time of the call, rather than later on a bill.
Internal services within Telstra
--------------------------------
Theoretically only 000 always gets your number, but I have
reliable reports of wake-up call operators knowing the
caller's number. This is irrespective of CND. Within
Telstra, they can probably do what they like.
Taxonomy of Telstra analogue services
=====================================
The CND situation with ordinary, analogue POTS lines (as virtually
all home phones are) has already been described. Now its time to
look at the variations which are used by businesses, in respect of
their ability to display CND, and to control the sending of their
number, and the relationship between the number which is displayed
and the actual originating line of the call.
This is necessarily incomplete, but it gives a reasonable picture of
what is going on.
Key-systems - "Commander"
-------------------------
A key-system is not a PABX - its just a centralised box, with
multiple handsets, and multiple ordinary POTS analogue phone lines
to the Telstra exchange.
As such, the standard POTS CND display signals could be sent to the
lines if the customer paid for the service. I think that existing
key-systems would not support CND display - there are various things
going on, and the handsets are not ordinary phones. You could
certainly put a CND box on each of the lines, and display numbers
there - but the key-system would need to be specially designed to
receive CND if it was to display this on the handsets. I understand
that some suppliers are making the necessary additions to their
designs. Whether these can be retrofited, I don't know.
Since a key system, with say 5 lines, may have those lines all
configured in the exchange to take incoming calls for a "Directory"
number, on a rotary basis (is this aka a "hunt group"?), all
incoming calls to the key-system are generally caused by people
calling that Directory number.
Each line does however have its own telephone number. Calling that
number will cause a call on that specific line - which the key
system will simply see as one outside line, rather than as a call to
a specific handset.
However, since each outside line has its own number, the calls made
*from* these lines will each have their own displayable CND number.
This reveals the real numbers of the key-system's exchange lines -
which many customers do not want to reveal. All they want the
public to know is the Directory number which distributes calls to
all lines on a rotary basis. I don't know what Telstra is going to
do about this, but unless something is done, then people will get
calls from one particular business, showing a range of numbers (the
set of numbers which are the real numbers of the lines) - none of
which are the Directory number of the business.
Perhaps a few key systems will prevent the use of 1831 and 1832
prefixes - since they may have some tricky processing of dialled
numbers built into their software.
Analogue PABXs
--------------
Analogue PABXs have special analogue, but non-POTS, lines to the
exchange. Instead of the exchange "driving" the line (with 50 volts
when the phone is on-hook), and so driving the phone (this is the
normal arrangement of a POTS line), and the phone being picked up to
activate the line, in an Analogue PABX line, the *PABX* drives the
line (with 50 volts), and Telstra's exchange behaves like a phone!
Its weird and the reasons are lost on me.
One thing the exchange has to do, is tell the PABX which indial
extension a call is meant for. So a 100 extension PABX may have 10
exchange lines. The Telstra exchange line tells the PABX there is
an incoming call (by "picking up" the line - rather than sending
ringing signals). Then the Telstra exchange has to tell the PABX
which numbered extension the call should be sent to. There are no-
less than three ways of doing this! One, DTMF tones, is hardly
used. Another, Multi Frequency Compelled (MFC) signalling is used
on a few more modern analogue PABXs. Most PABXs use clunky old
decadic pulse dialling to be told the extension number of the
incoming call.
Pulse dialling goes "clack, clack, clack" for "3" etc. So a 0 is
ten "clacks". You can hear this sometimes - for instance when
calling AUSTEL/ACA. You hear a few seconds delay while the Telstra
exchange sends three series of decadic pulses (each up to ten
pulses) to the line - you can just hear the clicking. Then when the
PABX knows the extension number, it makes that extension ring, and
sends an audio ringing signal to the exchange so the caller can hear
that the phone bell is being activated,
Then the PABX waits for someone to pick up the handset.
This means that ordinary analogue POTS CND messages simply cannot be
sent to any analogue PABX in Mode 1. The exchange does not generate
the ringing signals - the PABX does. It is totally different from a
POTS line, although it is analogue, and uses the same twisted pair
wires.
Theoretically you could send the ten to 12 CND digits via DTMF, or
MFC - but you wouldn't want to try sending all the other things,
like Calling Name and date and time. It would take several minutes
to send all that information with pulse dialling!
There are no plans to send CND display data to analogue PABXs. To
do so would require radical reprogramming of the exchange, and major
hardware and software changes to the PABXs themselves - and they are
being superseded by ISDN PABXs.
However, these PABXs will generally be *making* calls with
displayable numbers. Whether or not the PABX would prevent the 1831
or 1832 prefix would depend on the system. I think it might be
prevented on quite a few, since they have all sorts of pre-
programmed rules to decide when the full number has been dialled.
They have to have this because of the screwy way they interface to
the exchange lines. Those PABXs are likely to need software
upgrades or re configuration to allow the 1831 and 1832 prefixes to
be sent.
Apparently these PABXs often interface to the exchange via three
types of analogue lines:
1 - Indial lines (purely for incoming calls to the PABX).
2 - Outdial lines (purely so the PABX can make outgoing calls.)
3 - Bi directional lines - which can do both.
Now the PABX may have a range of directory numbers assigned to it,
and the exchange is programmed to direct any call to a number in
this range to any one (it doesn't matter which) of the Indial lines
(or bi directional lines) and to tell the PABX (as described above)
which extension, corresponding to the last two or three digits in
the dialled number it is meant to go to.
However, when someone at an extension, say ext. 17, picks up their
handset and dials to the outside world, then that call could go out
on any of the outdial or bi-directional lines. Each such line would
have its own number, and none of those numbers would be related to
the extension or to the official Directory number range the PABX is
assigned to. So the number displayed on a CND box for those calls
is not one that is instantly recognisable to someone as a number
belonging to that business. If that displayed number was called -
what would happen? If it was the number of an Outdial line -
nothing - because the PABX doesn't answer those lines. A bi
directional line? Who knows. At best the PABX would answer it, but
there would be no way of it going to a particular extension.
Siteline links to PABXs
-----------------------
I have only just learned about this variation. Functionally the
PABX is like an analogue PABX. That is, it does not connect to the
Telstra exchange via a PR-ISDN link, with all its sophisticated call
management messages. (ISDN is a very rich and well developed set of
protocols).
Basically Siteline is a way of carrying 30 calls, and a signalling
system call CAS (Channel Associated Signalling) to do the same kinds
of things described above for analogue PABX indial, outdial and bi
directional lines - but in a somewhat cleaner and more reliable
digital form. So CND display probably cannot be carried over such a
link to the PABX, and even if it could, the PABX would need to be
radically redesigned to be able to receive it. The problems of
mismatch of CND number for outgoing calls would presumably be the
same.
Mismatch of displayed CND numbers
---------------------------------
These problems with inappropriate CND numbers for calls emanating
from key-systems and analogue PABXs are fundamental. Neither has a
way of telling the exchange which extension the call actually came
from - so no information about the extension could ever affect the
displayed CND number for that call. The best thing that could
happen would be for Telstra to program their exchanges so that the
CND number of all calls made from the lines of a key-system, or PABX
group or lines, was the directory number of that business.
I get the impression this is the sort of thing they will have to do-
but that it could take a few years.
ISDN PABXs are capable of much smarter operation - and its worth
noting that the PABX owner themselves can do things to control the
displayed number. What the limits to this are, I don't know - but I
think there is a lot of scope for accidental, or perhaps deliberate,
mismatches between the displayable number and the real source of the
calls.
This stuff is an obvious source of confusion to all users - its been
happening on a big scale in the USA, and they have had CND for quite
a few years.
Can of worms
============
This treatise has not considered the major privacy problems, nor has
it looked into the vastly more complex, indefinite and confusing
activity that CND can turn an ordinary telephone call into. The
usage impact could be significant - more calls not answered, more
calls made because the first one was not answered . . . it goes on.
Telstra will ultimately regret CND - if they haven't got to that
point already. It is a true can of worms. The only reason they are
pushing ahead with it is because they are not enough of an
organisation to have actually thought through all the costs,
complications and negative changes to telephone usage. Marketing
greed - and hunting and herding - rules supreme. I have been
watching this for years - and have never seen any evidence that
anyone sat down and did a comprehensive survey of what all the
complications would be.
1
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH
