Share on Twitter.
Get the most reliable SMTP service for your business. You wished you got it sooner!
September 29, 2013
All roaming rate charges paid by mobile phone users when they're travelling inside Canada and the United States will soon get a lot
more scrutiny by the CRTC, which is strongly considering possible stiff regulations as a result of several consumer complaints from Canadians.
About than thirty-six telecom companies and wireless carriers had to submit information on the terms and conditions of their
roaming rates to the Canadian Radio-television and Telecommunications Commission (CRTC) by Friday of this week.
The CRTC had set the deadline after hearing consumers' concerns that the cost of roaming on another carrier's network could be
"A decision on whether there is a need to intervene will be made once the CRTC has reviewed the information it has asked the wireless
companies to provide," the CRTC's Chris Seidl said in an emailed statement.
The additional information will also help it determine the options available to consumers and the competitiveness of Canada's wireless
industry, said Seidl, executive director of telecommunications at the CRTC.
Telecom analyst Eamon Hoey said he expects the CRTC to regulate roaming rates, adding it's the beginning of more regulation for
the wireless industry.
"Canadian consumers are more than just a bit annoyed at the rates that they're paying now, not only for basic cell phone service, but also for
roaming charges, for additional charges, for so-called contracts, you name it-- the list goes on and on," said Hoey, of Hoey Associates Management
Consultants in Toronto.
Hoey also said that Bell, Telus and Rogers didn't do themselves any favors with consumers or the federal government with their
publicity blitz against big U.S. carrier Verizon, which had expressed some interest in Canada's wireless market but decided against
coming north earlier this month.
Rates aren't low enough, he said, adding that Canada's wireless carriers "pay in pennies per minute" to foreign carriers such as
Verizon, AT&T and U.K.-based Vodafone for their roaming agreements.
Rogers said it has provided the CRTC with the information it requested, but doesn't know if it will result in regulated roaming
rates or not.
"We know consumers find it complicated and it's really difficult for wireless users to calculate how much data they're using,"
spokeswoman Rogers' Patricia Trott said.
Toronto-based Rogers said its $7.99 daily roaming rate to the U.S. has been in place for several months. On Friday, Rogers added
high-speed wireless service from AT&T to its U.S. roaming services for Canadian customers.
Telus spokesman Shawn Hall said the Vancouver-based company has negotiated new rates with hundreds of wireless carriers around
the world, which has allowed it to reduce roaming rates by 60 percent or more over the last couple of years.
Telus claims that its rates have consistently been lower than its competitors. "We heard customers say they were worried about
bill shock," Hall said.
But roaming rates need to be at a "market rate" that encourage wireless companies to keep upgrading their networks, he added.
Bell recently cut its 30-day U.S. travel bundle in half to $25. Spokesman Mark Langton said Bell will continue lowering roaming
prices but neglected to say for how long.
The CRTC's new wireless code, which will apply to new contracts for cellphones and other mobile devices starting on Dec. 2nd, requires
additional roaming charges be capped at $100 unless the customer has agreed to pay more.
It has asked wireless carriers for information such as retail roaming rates for voice, data and text messaging from 2007 to 2012 and
to list all of the changes to these rates and the dates when each change took effect in that period.
Additionally, the CRTC has asked wireless carriers to list the top four U.S.-based carriers with whom their customers incur the
most roaming traffic.
In other mobile news
The FCC late yesterday issued a Notice of Proposed Rule Making (NPRM) which aims to improve wireless network reliability during
disasters by requiring wireless service providers to publicly disclose the percentage of cell sites within their networks that are
operational during and immediately after disasters.
The FCC argues that such a mandate would drive wireless carriers to improve their network reliability as a matter of competition.
For now, the FCC is seeking public comment on this proposal and other approaches. Acknowledging that some wireless service disruptions
may be unavoidable during emergencies, the FCC also noted that the impact tends to vary among wireless service providers.
Case in point-- last October, Superstorm Sandy disabled approximately 25 percent of all cell sites in the affected region, with
more than 50 percent of sites disabled in the hardest-hit counties, yet not all wireless networks were equally impaired in the manner.
The FCC suggests that the operational choices and practices of different wireless service providers may account for much of this
variation. The agency is asking for comment on whether the NPRM’s proposed disclosure requirement, by holding wireless providers publicly
accountable, could spur improvements to network resiliency while allowing providers flexibility in implementing these improvements.
The proposal would require wireless carriers to submit to the FCC, for public disclosure on a daily basis during and immediately
after disasters, the percentage of operational cell sites for each county within a designated disaster area.
Information yielding these percentages is already included in voluntary reports that wireless service providers submit to the
FCC daily during disasters, albeit on a presumptively confidential basis and as part of a larger set of data.
In July, CTIA submitted an ex parte filing with the FCC that urged the commission to defer a NPRM on mandatory disaster reliability
The CTIA said that it was concerned that the proposed rules under consideration were similar to recommendations submitted to
the FCC earlier this year by Consumers Union (CU).
Those rules suggest that wireless carriers report, and the Commission publicly disclose, the percentage of cell sites out of service
in a particular county during an event classified as a disaster by the FCC.
CTIA argued that CU’s proposed metric didn't provide an accurate picture of a network's true condition and such information would
not be of value to consumers.
"As many providers’ cellular sites are configured with overlapping coverage for the most part, the proposed metric risks overstating
the degree to which cell site outages adversely affect service availability," CTIA wrote in the filing.
"Ongoing and future deployments of “small cell” and Distributed Antenna System configurations that underlay existing coverage
would exacerbate that risk even further," it added.
In other mobile news
Karsten Nohl, the internet security researcher who hacked into SIM cards with a single text message, has told us he is dismayed
by the mobile industry's lukewarm response to his revelations, and has revealed exactly how he managed to pull it off.
Nohl believed that by exposing the security flaws in SIM cards, the issue would force wireless network providers to fix them.
Theoretically at least, the two security flaws would have worked in tandem to intercept calls and threaten the security of wireless
NFC applications such as pay-by-wave and other contactless payment apps.
Nohl claims that the most serious of the two flaws has been deliberately ignored by a wireless industry that wants to allegedly keep the
backdoor open so that it can silently roll out software updates to handsets-- a gaping access hole that may not be closed until it's too
Nohl also discovered that he could infiltrate SIM cards by sending specially formatted SMS messages, and discovered another flaw
that would enable him to break out from the cards' inbuilt security sandbox.
Yet he was astonished to discover that despite publicly announcing security patches and giving every impression of caring, the
wireless industry had actually done nothing to fix the problems.
"We thought our story was one of white-hat hacking preventing criminal activities," Nohl said, lamenting that "as there is no crime, so
no investigation". Despite CNN reporting that his own flaw had been used to distribute a fix, Nohl told us that the JavaCard bug was
here to stay and was so obvious that it has to be a backdoor, gross negligence, or both.
Nohl's first security exploit, enabling an attacker to install an application in the secure storage area of a SIM card, has been
examined in these pages before, but that only represents a threat if the injected software can break out of the JavaCard sandbox.
Nohl then claimed that it was possible, but until now he hasn't explained exactly how. To be clear, JavaCard is an operating system of sorts,
sharing only a name and some syntax with the Java language. JavaCard licensees get a reference implementation from Oracle and then
add their own secret source code to differentiate their products, so not all manufacturers' SIMs had this flaw – but many did, Nohl
was quick to point out.
Even the version used by JavaCard, Java is supposed to be memory safe in that there are no pointers with which one can read, or
write to, arbitrary locations in memory.
Cardlets (as JavaCard apps are known) can only reference data structures they create themselves, and there's no mechanism for inter-cardlet
What Nohl discovered was that by referencing a variable which referenced a variable which referenced an array he could bypass the
bounds check that JavaCard is supposed to perform.
Create an array of 10 elements, reference it from a distance and address the eleventh location, and secured memory is yours to
explore – and rewrite – as you wish. The whole process is even a lot easier than what most people think.
Nohl says he warned Gemalto, the world's largest SIM card manufacturer – which is among those SIM-makers whose cards exhibit
the security flaw – about the existence of the bug. Gemalto told him that it didn't matter – only signed applications could be run
so their ability to breach the sandbox was irrelevant.
But the researcher points out that in 2010 Gemalto was able to upgrade bank cards in the field after a calendar bug broke millions
of German cards. Bank cards are not designed to be upgraded after being issued, and Nohl contends that a similar flaw was exploited
Share on Twitter.
Source: The Canadian Radio-television and Telecommunications Commission.
Advertise with us
This article was featured on Business 5.0 and on
Copyright © Wireless Industry News. All rights reserved.