hpr-knowledge-base/hpr_transcripts/hpr1623.txt

Episode: 1623
Title: HPR1623: Tech and Coffee at OggCamp
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr1623/hpr1623.mp3
Transcribed: 2025-10-18 05:58:10

---

This episode of HPR is brought to you by AnanasThost.com.
Get 15% discount on all shared hosting with the offer code HPR15.
That's HPR15.
Better web hosting that's honest and fair at AnanasThost.com.
Hello, this is Benny for Hacker Public Radio.
This is Hacker Public Radio episode 1623 on October 22nd of 2014.
This is yet another episode of two interviews from Ocamp and this episode I interviewed
two people from Tekken Coffee which is a Google plus hangout.
Pretty much yeah.
The first one is George Dasha who was a founder or co-founder of Tekken Coffee and the second
one is Keith Miller who has his own company and works with cell phone networks in the UK
and has some pretty much interesting things to say about cell phones and encryption, especially
of non encrypted traffic controlled by Chinese firms.
Well you decide yourself where you find this interesting enough.
Well but first we'll listen to George Dasha what he has to say about Tekken Coffee and how
it came about where you find it.
Here we go.
Welcome to Ocamp.
Who are you?
What are you doing here?
My name is George Dasha, I'm from New York but live in Jacksonville, Florida.
I flew all the way here to crew for one day at Ocamp but today I'm enjoying myself.
So I'm actually just going around and hanging out with some friends and doing stuff.
Alright and what are you doing in the US at home?
I do.
I do.
I do support for a rather large bank.
One of my other claims of fame is Philip was saying here a few seconds ago, walking
by saying George is famous for Tekken Coffee which is a Google plus hangout that's been
active almost continuously since November 2011.
Alright and what's it about, what's already the discussions about, isn't it?
Well it's about everything.
There's been some articles about us that proclaim us as being the pretty much unofficial
Google help desk.
People will come in and ask questions and people will hop over and try to help them out.
I started it as a Linux open source thing but now it's just kind of open to everyone.
See how Mac, Windows, everybody comes in and we just all talk.
It's general tech really.
Alright, how big is it?
We have almost 40,000 members in our community.
Our hangout isn't public but there's links to get into it so people do find us and we'll
come in and ask questions and such.
Is it many Americans?
Everyone for all over the world.
We have a lot of Canadians, a lot of Americans, a whole lot of British.
In fact some of them who have come to Tekken Coffee now come to Oddcamp because I come
every year and we all just hang out together and so we call it like a mini Tekken Coffee
thing so we just wear our t-shirts so you can see us all walking around.
Alright so what's your reason to come to Oddcamp?
Well actually believe it or not Peter Cannon of TDTRS, we used to chat together in the
openzoosay.us forums and we had this report going where we'd probably just beat up each
other, you know how he is.
So basically I'd throw my American wit and Heathrow is, you know, London I'm going to
kick your butt comedy into it and basically having befriended him over years, over time
I've learned about Lennox Outlaws and then learned about this and then started coming
over.
Oh no, so are there any talks you want to see or it's just here for socializing?
A little bit of both.
I came here more or less to crew so usually when I crew and this year I'm only crewing
one day but usually when I do crew the last two years I usually sometimes I get to see
what I want but most of the time I don't.
But the really interesting thing is when I come here and I'm actually inside of a lecture
that I really didn't know if I wanted to listen to, I end up actually finding it very
interesting.
So it might not have been something I wanted to listen to but it's something I'd become
interested in.
So it's kind of cool, I've been forced to learn other things.
All right, great, could you, for the end, could you tell people how, how did I find
you or take a coffee if they want to?
Actually they find, I think they find me not what they expect me to be.
I don't know, I mean it's weird, they'll just talk to me and especially if I'm crew
and somebody asks me directions and then I realize I don't have the accent for giving
directions or helping people around but as a crew member, yeah it's a little bit different
but it's an open source thing, we're all here to support open source, you know I'm here
as just an open source person and not just an American, so great, thank you, it's a pleasure.
All right, this was George Dusher, now we move on to another interview with Keith Milner
which is a fairly technical interview about cell phone and phone networks, so to be honest
I didn't get everything he was telling me but maybe you're more informed about this
and you'll understand it.
I found especially a second part very interesting where he talked about encryption and encrypted
traffic as I said.
All right, let's get going with the interview, that's Keith Milner for you, here we go.
So this is Benny for HPR and I'm talking to Keith Milner, right, welcome to Arkham.
So what brings you to Arkham?
This is my third year at Arkham, came to the previous two in Liverpool and I got to know
about Arkham through George Dusher who is part of a group on G plus called Tech and Coffee
which is a kind of group of tech-minded people who hang out, do Google Hangouts and George
has been a regular visitor to Arkham for various other places and he kind of shifted
that I come along because he was actually coming along and I hadn't actually met him
in person so I came along to the one in Liverpool back in 2012 and enjoyed it thoroughly
so I've been coming since.
Great, I interviewed him before about Tech and Coffee and he told me you're an interesting
person so what makes you different from the normal Arkham crew?
I'm not sure about it, to be honest I'm probably very similar to most of them, I've been
a Linux user for a long time, I run my own company and I have done for a long time
of working telecoms but I've always used open tools in my company rather than commercial
software as a preference, I do use some commercial software, things like VMware and so on
that all my desktop systems tend to be Linux-based when I'm using Linux tools and I quite often
go and do consulting in large telecoms companies like cable and wireless, and Vodafone and BT
and so on and I tend to promote the use of open tools systems they were ever possible
as well but yeah I'm a geek, I'm a Geek like most other people here I think so.
So that's interesting, you own your own company, what exactly do you do?
I do telecommunications, as I mentioned I do work with telecoms companies but I'm telecommunicated
with telecommunications engineer by background, so I'm networking, I do a lot of networking
it's consulting basis really so I will go into companies and I work on networks, I work
on the systems that run their networks and I work on the systems that glue their stuff
together, so a lot of integration work which opensource is actually excellent for.
So there might be, I've done some work for example on large network management systems
like BT, large network of forecasting systems like BT and cable and wireless and people
like that.
And those are large, they're commercial systems but there's always a kind of, how do you
actually get the information out of for example an inventory system or out of a network
management system and into the long management system and there's a lot of integration work
there and open source is perfect for that because it gives you the tools to actually
do that integration very quickly and easily and cheaply.
But that's kind of what I do, I do a lot of network and service design and integration
stuff, mobile networks I'm doing a lot of mobile networks at the moment, mobile call
network designs.
All right, let's say for someone like me who doesn't know anything about telecommunications
except I own a smartphone and text my girlfriend, so if I text my girlfriend for instance,
or does this text message touch your system, your work what you do?
Okay, this is something you can talk about for hours because it's actually quite complex
but basically all the core network systems, if you imagine you've got a phone, that phone
has to register with the network and it registers the network using because on the network
it's called an HLR which is basically a database which has all the details of your SIM card
on there and it's actually got encrypted keys on it as well.
So when your phone tries to connect to the network, first thing it does is say I need
to register, there's some hand-shaking goes on it works out which HLR which database
you connect to and then there's a cryptographic key exchange with the details of your SIM,
the cryptography keys of your SIM which have already been preloaded onto the HLR to actually
verify that you are who you say you are and identify you as an account and also set up
encrypted channel for the rest of the communications and then once you've done that there's the
basically is an encrypted data channel which communicates your phone then uses to communicate
with the core network databases and other services to allow you to do things like set up
a call, send an SMS and so on and the SMS particularly there's a thing called SMSC which
is basically a message store, it's almost like an email server but it's for SMSS and
most of it runs on a as a signaling system, it's a network, telecommunications networks
basically live and die on signaling systems because that's what basically struts allows
each of the devices to communicate to each other how they what to do, you know, I want
to make a telephone call, I want to send the SMS etc etc and the core signaling system
used in telecommunications networks is called signaling system number seven, she's been
around for years and but it's very very powerful and so a lot of work I do is on those
sort of network signaling system networks which basically allow allow devices to actually
tell each other I want to telephone call but yeah at least there's a lot more VoIP for
example VoIP uses a signal system called SIP which people probably have heard of.
We were talking about encryption, I studied math and in a theoretical course I learned
that CSM is kind of broken though you can break the encryption with like six minutes of
data, so I'm interested in what's what's done to solve this, is there a new technologist
is solved?
I think not at the moment there's various things I mean one of the problems is that there's
a set of algorithms, it's all based because sims are basically smart cards and there's
a set of standardized algorithms that you can use and the problem is that in the past
a lot of people have basically used, it's a bit like when you're setting up a VPN you've
got a choice of whether to use for example trickle des or SSJ1 or whatever and one you choose
to kind of define how good your security is or the same sort of thing goes on with CSM
you've got various algorithms that are available to you but people tend to go with the lowest
condominator, so the problem is when people do that you end up with very easily cracked
networks and that's one thing, then the second thing is that when you do use those more
complex algorithms which give you better security people tend to again use the default key
settings and so you end up with well there's one component of the encryption that everyone
kind of already knows, the problem is that when you and I've just gone through this with
a company that if you go through and say I want to define my sims to have a different
standard key setting there's a thing called millenage which is the kind of algorithm they
use which is more secure then that gives you much better security but generally speaking
you go to the other switch manufacturers like likes of Ericsson and they go oh we don't
support that at the standard will that all have to be a special and they can do it and
it's basically changing through pew parameters but most of the kind of commercial switch vendors
who make the call equipment are really not geared up to do that because it's sort of, you
know, despite the fact that kits capable of doing it they require someone to go in and
do some special work on it so they usually try and do it as an expensive, additional
thing to them but that's a lot of the problem is because to be honest a lot of the people
who, a lot of the companies that set up mobile networks don't really understand how it
all works yeah and that's why the likes of me coming in the eyes I help them set it
up but there is so much involved with GSM is probably the single most complex network
infrastructure computing infrastructure in the world it's just so there's so much of
it it's so complex in nature and so things like that get missed so but it is an issue but
my I would actually say the bigger issue with mobile networks and a lot of people don't
say how they work the bigger issue with mobile networks is data that the airside stuff is is
one thing but once you've got the radio onto the actual fixed line part of it you know where
they're you're transmitting between networks using fiber optic cables the the way that that
mobile networks actually do things like roaming especially for data is through these networks
called GRXs which are unencrypted in fact the companies that run those network actually sniff
the data as a service for the operators and most of the GRXs in the world are run by Chinese
companies so pretty much if you go road if you're roaming or if you're using a network like gift
gaff or Tesco mobile or any of those other sort of services which right here are what they call
national roaming agreement which is an MP&O where your where the main network is actually run
by telephonic or or vote of someone and you're rebranding it you'll you'll be going via GRX and
all that stuff for being unencrypted be routinely sniffed and stored available to almost certainly
I like this officially but I'm almost certainly available to government for scrutiny and
and also available to telecoms of that and the Chinese of Chinese companies that
operates the service and none of it's encrypted unless unless you're actually running encrypted
stuff you know from your handset through if you're using HTTPS obviously it is but anything which
isn't it gets through to any sniffed and those guys basically the the they have this technological
deep packing inspection and the DPI technology that's available you can go into those systems and
after a very short period of collecting data you can go inside pick a telephone that you can
say watch telephone numbers have been using this service pick a number and it will say watch
email the dresses are associated with it what websites have they been looking at yeah all kind
of stuff like that we're very very easy it's ridiculous amount of information so so encrypting
up from the client data so you know things like HTTPS and SSL are actually going much more
important in my view because if you want to retain your privacy it's anyway great great thank you
it's interesting talking to you is there anything you'd like our listeners to know like where to
find you and the internet where to find your company or anything yeah I use gplus more than anything
else I do have twitter account which is at Keith Milner but best place to find me is to be
honest is gplus and I'm at plus Keith Milner on gplus so you know very easy to find really
great thank you talking to me cheers all right those were the two interviews from
I'll camp this year with members of tech and coffee and I'll still get two sets of interviews
coming up unlike I told you in the last episode I in total I've got four sets of injuries no three
I'll kind of forgot about the tech and coffee ones and here we go the next set of interview will
be with the organizers of a camp then and fab from Linux outlaws and mark from Ubuntu UK podcast
and the last interview is one I took with coronominal with the crew from Linux voice magazine
they talk pretty much about their magazine and how they crowdfunded the magazine everythings
if you try to find me you'll find me as Navigium at micro.fractf.com that's new social
if you look hard enough you'll also find me on gplus or twitter and I'm also on sdf as
Benny at sdf the work that's also my email you could use if you like to give me feedback
but the best way to give feedback is to record your own episodes anyway so do this go recording
because we're alone at episodes at the moment thank you for listening and goodbye
you've been listening to hecka public radio at hecka public radio dot org we are a community
podcast network that releases shows every weekday Monday through Friday today show like all our
shows was contributed by an hbr listener like yourself if you ever thought of recording a podcast
then click on our contributing to find out how easy it really is hecka public radio was found
by the digital dog pound and the infonomican computer club and it's part of the binary revolution
at binwreff.com if you have comments on today's show please email the host directly leave a comment
on the website or record a follow-up episode yourself unless otherwise status today's show is
released under creative comments attribution share a light 3.0 license