Telephone Security

Contents:
Modems: Theory of Operation
Serial Interfaces
The RS-232 Serial Protocol
Modems and Security
Modems and UNIX
Additional Security for Modems

A main function of modern computers is to enable communications - sending electronic mail, news bulletins, and documents across the office or around the world. After all, a computer by itself is really nothing more than an overgrown programmable calculator - a word processor with delusions of grandeur. But with a modem or a network interface, computers can "speak" and send information.

A good communications infrastructure works both ways: not only does it let you get information out, it also lets you get back in to your computer when you're at home or out of town. If your computer is equipped with a modem that answers incoming telephone calls, you can dial up when you're sick or on vacation and read your electronic mail, keep informed with your online news services, or even work on a financial projection if the whim suddenly strikes you. You can almost believe that you never left the office in the first place!

But in the world of computer security, good communications can be a double-edged sword. Communications equipment can aid attackers and saboteurs while it enables you to get information in and out easily. As with most areas of computer security, the way to protect yourself is not to shun the technology, but to embrace it carefully, making sure that it can't be turned against you.

Modems: Theory of Operation

Modems are devices that let computers transmit information over ordinary telephone lines. The word explains how the device works: modem is an acronym for "modulator/demodulator." Modems translate a stream of information into a series of tones (modulating) at one end of the telephone line, and translate the tones back into the serial stream at the other end of the connection (demodulating). Most modems are bidirectional - every modem contains both a modulator and a demodulator, so a data transfer can take place in both directions simultaneously.

Modems have a flexibility that is unparalleled by other communications technologies. Because modems work with standard telephone lines, and use the public telephone network to route their conversations, any computer that is equipped with a modem and a telephone line can communicate with any other computer that has a modem and a telephone line, anywhere in the world. Thus, even in this age of the Internet and local area networks, modems are still the single most common way that people access computers remotely. This trend is likely to continue into at least the near future, especially with the continuing popularity of specialized dial bulletin board systems (BBSS).

Early computer modems commonly operated at 110 or 300 baud, transmitting information at a rate of 10 or 30 characters per second, respectively. Today, in 1996, few computer modems are sold that are not capable of 14,400 bits per second (bps), and modems that zip along at 28,800 bps are increasingly popular. Some modems that send data synchronously, with a precision clock, are capable of rates in excess of 100,000 bps. Special modems on digital ISDN lines are also capable of speeds in excess of 100,000 bps. With data compression included, and new technology constantly being offered, we expect to see common modems with increasingly higher speeds (and smaller physical sizes) as time goes on.

Baud and bps

Baud is named after the 19th-century French inventor, J. M. E. Baudot. He invented a method of encoding letters and digits into bit patterns for transmission. A 5-bit descendent of his code is still used in today's TELEX systems.

to 12 bits are required to transmit a "standard" character, depending on whether we make upper/lower case available, transmit check-bits, and so on. A multi-byte character code may require many times that for each character. The standard ISO 8859-1 character set requires eight bits per character, and simple ASCII requires seven bits. Computer data transmitted over a serial line usually consists of one start bit, seven or eight data bits, one parity or space bit, and one stop bit. The number of characters per second is thus usually equal to the number of bits per second divided by 10.

The word "baud[1]" refers to the number of audible tokens per second that are sent over the telephone line. On 110- and 300-bits-per-second (bps) modems, the baud rate equals the bps rate. On 1200-, 2400-, and higher-bps modems, a variety of audible encoding techniques are used to cram more information into each audible token. TDD phone devices for the deaf use a lower-speed modem than modern computers usually do.

[1] The "baud" is not to be confused with the "bawd," which is the rate at which juveniles transmit risqu� pictures over network connections.