The Wireless Industry News Portal Advertise on Wireless Industry News and reach over 300,000 potential new buyers. Click here to learn more.
Post a News Story        Resources        News Archives        Home - Mobile News

Click here to order our special clearance dedicated servers.

Wireless Industry News is read by over 300,000 people a month. Learn how you can increase your sales by advertising on our news portal -- Click here.

Sign up now and save more than $30 a month on your new Linux server.

Click here to order our special clearance dedicated servers.

Wireless Industry News is read by over 300,000 people a month. Learn how you can increase your sales by advertising on our news portal -- Click here.

The CRTC to analyze roaming charges to travelling mobile phone users

Share on Twitter.

Get the most reliable SMTP service for your business. You wished you got it sooner!

September 29, 2013

All roaming rate charges paid by mobile phone users when they're travelling inside Canada and the United States will soon get a lot more scrutiny by the CRTC, which is strongly considering possible stiff regulations as a result of several consumer complaints from Canadians.

About than thirty-six telecom companies and wireless carriers had to submit information on the terms and conditions of their roaming rates to the Canadian Radio-television and Telecommunications Commission (CRTC) by Friday of this week.

The CRTC had set the deadline after hearing consumers' concerns that the cost of roaming on another carrier's network could be "unreasonable."

"A decision on whether there is a need to intervene will be made once the CRTC has reviewed the information it has asked the wireless companies to provide," the CRTC's Chris Seidl said in an emailed statement.

The additional information will also help it determine the options available to consumers and the competitiveness of Canada's wireless industry, said Seidl, executive director of telecommunications at the CRTC.

Telecom analyst Eamon Hoey said he expects the CRTC to regulate roaming rates, adding it's the beginning of more regulation for the wireless industry.

"Canadian consumers are more than just a bit annoyed at the rates that they're paying now, not only for basic cell phone service, but also for roaming charges, for additional charges, for so-called contracts, you name it-- the list goes on and on," said Hoey, of Hoey Associates Management Consultants in Toronto.

Hoey also said that Bell, Telus and Rogers didn't do themselves any favors with consumers or the federal government with their publicity blitz against big U.S. carrier Verizon, which had expressed some interest in Canada's wireless market but decided against coming north earlier this month.

Rates aren't low enough, he said, adding that Canada's wireless carriers "pay in pennies per minute" to foreign carriers such as Verizon, AT&T and U.K.-based Vodafone for their roaming agreements.

Rogers said it has provided the CRTC with the information it requested, but doesn't know if it will result in regulated roaming rates or not.

"We know consumers find it complicated and it's really difficult for wireless users to calculate how much data they're using," spokeswoman Rogers' Patricia Trott said.

Toronto-based Rogers said its $7.99 daily roaming rate to the U.S. has been in place for several months. On Friday, Rogers added high-speed wireless service from AT&T to its U.S. roaming services for Canadian customers.

Telus spokesman Shawn Hall said the Vancouver-based company has negotiated new rates with hundreds of wireless carriers around the world, which has allowed it to reduce roaming rates by 60 percent or more over the last couple of years.

Telus claims that its rates have consistently been lower than its competitors. "We heard customers say they were worried about bill shock," Hall said.

But roaming rates need to be at a "market rate" that encourage wireless companies to keep upgrading their networks, he added.

Bell recently cut its 30-day U.S. travel bundle in half to $25. Spokesman Mark Langton said Bell will continue lowering roaming prices but neglected to say for how long.

The CRTC's new wireless code, which will apply to new contracts for cellphones and other mobile devices starting on Dec. 2nd, requires additional roaming charges be capped at $100 unless the customer has agreed to pay more.

It has asked wireless carriers for information such as retail roaming rates for voice, data and text messaging from 2007 to 2012 and to list all of the changes to these rates and the dates when each change took effect in that period.

Additionally, the CRTC has asked wireless carriers to list the top four U.S.-based carriers with whom their customers incur the most roaming traffic.

In other mobile news

The FCC late yesterday issued a Notice of Proposed Rule Making (NPRM) which aims to improve wireless network reliability during disasters by requiring wireless service providers to publicly disclose the percentage of cell sites within their networks that are operational during and immediately after disasters.

The FCC argues that such a mandate would drive wireless carriers to improve their network reliability as a matter of competition.

For now, the FCC is seeking public comment on this proposal and other approaches. Acknowledging that some wireless service disruptions may be unavoidable during emergencies, the FCC also noted that the impact tends to vary among wireless service providers.

Case in point-- last October, Superstorm Sandy disabled approximately 25 percent of all cell sites in the affected region, with more than 50 percent of sites disabled in the hardest-hit counties, yet not all wireless networks were equally impaired in the manner.

The FCC suggests that the operational choices and practices of different wireless service providers may account for much of this variation. The agency is asking for comment on whether the NPRM’s proposed disclosure requirement, by holding wireless providers publicly accountable, could spur improvements to network resiliency while allowing providers flexibility in implementing these improvements.

The proposal would require wireless carriers to submit to the FCC, for public disclosure on a daily basis during and immediately after disasters, the percentage of operational cell sites for each county within a designated disaster area.

Information yielding these percentages is already included in voluntary reports that wireless service providers submit to the FCC daily during disasters, albeit on a presumptively confidential basis and as part of a larger set of data.

In July, CTIA submitted an ex parte filing with the FCC that urged the commission to defer a NPRM on mandatory disaster reliability reporting.

The CTIA said that it was concerned that the proposed rules under consideration were similar to recommendations submitted to the FCC earlier this year by Consumers Union (CU).

Those rules suggest that wireless carriers report, and the Commission publicly disclose, the percentage of cell sites out of service in a particular county during an event classified as a disaster by the FCC.

CTIA argued that CU’s proposed metric didn't provide an accurate picture of a network's true condition and such information would not be of value to consumers.

"As many providers’ cellular sites are configured with overlapping coverage for the most part, the proposed metric risks overstating the degree to which cell site outages adversely affect service availability," CTIA wrote in the filing.

"Ongoing and future deployments of “small cell” and Distributed Antenna System configurations that underlay existing coverage would exacerbate that risk even further," it added.

In other mobile news

Karsten Nohl, the internet security researcher who hacked into SIM cards with a single text message, has told us he is dismayed by the mobile industry's lukewarm response to his revelations, and has revealed exactly how he managed to pull it off.

Nohl believed that by exposing the security flaws in SIM cards, the issue would force wireless network providers to fix them.

Theoretically at least, the two security flaws would have worked in tandem to intercept calls and threaten the security of wireless NFC applications such as pay-by-wave and other contactless payment apps.

Nohl claims that the most serious of the two flaws has been deliberately ignored by a wireless industry that wants to allegedly keep the backdoor open so that it can silently roll out software updates to handsets-- a gaping access hole that may not be closed until it's too late.

Nohl also discovered that he could infiltrate SIM cards by sending specially formatted SMS messages, and discovered another flaw that would enable him to break out from the cards' inbuilt security sandbox.

Yet he was astonished to discover that despite publicly announcing security patches and giving every impression of caring, the wireless industry had actually done nothing to fix the problems.

"We thought our story was one of white-hat hacking preventing criminal activities," Nohl said, lamenting that "as there is no crime, so no investigation". Despite CNN reporting that his own flaw had been used to distribute a fix, Nohl told us that the JavaCard bug was here to stay and was so obvious that it has to be a backdoor, gross negligence, or both.

Get a great deal on a fully dedicated Linux or Windows server. Order here.

Nohl's first security exploit, enabling an attacker to install an application in the secure storage area of a SIM card, has been examined in these pages before, but that only represents a threat if the injected software can break out of the JavaCard sandbox.

Nohl then claimed that it was possible, but until now he hasn't explained exactly how. To be clear, JavaCard is an operating system of sorts, sharing only a name and some syntax with the Java language. JavaCard licensees get a reference implementation from Oracle and then add their own secret source code to differentiate their products, so not all manufacturers' SIMs had this flaw – but many did, Nohl was quick to point out.

Even the version used by JavaCard, Java is supposed to be memory safe in that there are no pointers with which one can read, or write to, arbitrary locations in memory.

Cardlets (as JavaCard apps are known) can only reference data structures they create themselves, and there's no mechanism for inter-cardlet communications.

What Nohl discovered was that by referencing a variable which referenced a variable which referenced an array he could bypass the bounds check that JavaCard is supposed to perform.

Create an array of 10 elements, reference it from a distance and address the eleventh location, and secured memory is yours to explore – and rewrite – as you wish. The whole process is even a lot easier than what most people think.

Nohl says he warned Gemalto, the world's largest SIM card manufacturer – which is among those SIM-makers whose cards exhibit the security flaw – about the existence of the bug. Gemalto told him that it didn't matter – only signed applications could be run so their ability to breach the sandbox was irrelevant.

But the researcher points out that in 2010 Gemalto was able to upgrade bank cards in the field after a calendar bug broke millions of German cards. Bank cards are not designed to be upgraded after being issued, and Nohl contends that a similar flaw was exploited then.

Share on Twitter.

Source: The Canadian Radio-television and Telecommunications Commission.

Advertise with us Advertise with us and see your sales grow rapidly. Learn more.

This article was featured on the Business 5.0 portal. Click here to visit the site.     This article was featured on Business 5.0 and on Tech Blog.

Copyright © Wireless Industry News. All rights reserved.