Thursday, May 31, 2007

Traveler "The Retreat"

Traveler is a new show about two recent college grads who are framed by their mysterious roommate, Will Traveler, for a bombing in New York City. The two are branded terrorists and quickly find themselves on the run from both the Feds and some yet-to-be-identified organization that is presumably the real mastermind behind the bombing.

In "The Retreat," the FBI brings in the girlfriend of one of the fugitives for questioning. While still in the FBI offices, she receives a call on her cell phone from her absconding boyfriend. The FBI promptly tries to trace the call, or as the agent in charge describes it, engage in "a little T&T." I assume T&T stands for Trap and Trace, but with fictional FBI agents, you never know.

As the trace begins, the FBI technicians determine that the caller is using VoIP and that the call is "heavily encrypted," which will not prevent them from tracing the call but will slow it down. The scene then cuts back to the boyfriend talking on his cell phone.

Again with the cell phone and VoIP--I'm not sure how this became so popular with TV writers, but there you go. In reality, there are a couple of services that will allow you to make VoIP calls from your cell phone, but they require either a WiFi-enabled handset or the use of cell-based data services, such as EVDO. However, handset support is limited, and the cost of the data services really makes things unattractive for anyone except the well-paid geek.

Thus from a technology perspective, the scenario created by the writers is possible, but the details around it are a little off base and the chances of this actually happening the way they show it are pretty unlikely given the background of the characters.

I'm not going to get into the details of how a traditional trap and trace works, but suffice it to say, by the time you declare "I know how long it takes to trace a call and you're five seconds too short" you're already screwed--any notion of beating the clock is pretty much a pipe dream under most circumstances. The time-based trace does make for an effective tension-building device, so it's a little hard to fault screenwriters for using it. But that's beside the point.

Because the story left some gaps around how the phone call was made, I am going to assume that the boyfriend placed the call on a prepaid cell phone bought with cash, and that he signed up for the VoIP outbound service with a prepaid gift card from Visa or American Express--which would have been bought with cash as well. He would need the outbound service to reach his girlfriend's cell phone via VoIP unless they had both set up the service prior to him being on the lam, which doesn't seem likely. Doing this would prevent any preexisting trap and trace from nailing him as soon as he turned on his phone.

So how would "heavy encryption" slow down the trace of a VoIP call? Simply put, it wouldn't. The way the call was routed would be the biggest limiting factor from a real-time tracing perspective. Additionally, if the call was terminated on the PSTN, the encryption would only be established between the VoIP phone and the PSTN gateway, meaning that anyone on the PSTN side would not know it was there.

As if that were not enough, even with encryption, you could not easily hide the source address of the VoIP call. Even if you use UDP--a protocol that allows for easy IP address spoofing--you would not be able to have a two-sided conversation, because any return traffic would be routed to the bogus address and not back to your phone or soft client. That being the case, once the person tracing the call has access to the source IP address from the PSTN termination box, you are, again, screwed.

Of course, the person would then have to map the IP address to the cell phone account, and then pull the call records (unless you already had a trap and trace set up) to get the person's physical location, assuming that the provider records that information (some do). The time it would take to gather and correlate all of this information from the different providers and sources is what would have really delayed this Hollywood-style trace. Once again, the way the call is routed is the delaying factor for this scenario, not the encryption.
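To make the point about the source address concrete, here is an added example (not from the show or any real capture) that builds one media packet and then reads it the way the PSTN gateway would, with no key. It assumes the "heavy encryption" is SRTP-style media encryption, which protects only the voice payload; the addresses, ports and SSRC are constructed values, and random bytes stand in for the ciphertext.

```python
import os
import socket
import struct

def build_packet(src, dst, sport, dport, seq, ssrc, payload):
    """Build a constructed IPv4/UDP/RTP packet (checksums left at zero)."""
    rtp = struct.pack("!BBHII", 0x80, 0, seq, 160 * seq, ssrc) + payload
    udp = struct.pack("!HHHH", sport, dport, 8 + len(rtp), 0) + rtp
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64,
                     socket.IPPROTO_UDP, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + udp

def observe(packet):
    """Return everything readable without the media key."""
    ihl = (packet[0] & 0x0F) * 4              # IPv4 header length in bytes
    if packet[9] != socket.IPPROTO_UDP:
        raise ValueError("not a UDP packet")
    sport, dport, ulen, _ = struct.unpack("!HHHH", packet[ihl:ihl + 8])
    rtp = packet[ihl + 8:ihl + ulen]
    if len(rtp) < 12 or rtp[0] >> 6 != 2:     # RTP version must be 2
        raise ValueError("not an RTP packet")
    first, _, seq, _, ssrc = struct.unpack("!BBHII", rtp[:12])
    header_len = 12 + 4 * (first & 0x0F)      # fixed header plus CSRC list
    return {
        "src": socket.inet_ntoa(packet[12:16]),   # where replies must go
        "dst": socket.inet_ntoa(packet[16:20]),
        "sport": sport,
        "dport": dport,
        "seq": seq,                               # RTP header stays cleartext
        "ssrc": ssrc,
        "opaque_bytes": len(rtp) - header_len,    # the only encrypted part
    }

# Constructed sample: documentation-range addresses, random "ciphertext".
SAMPLE = build_packet("192.0.2.10", "198.51.100.20", 16384, 20000,
                      4711, 0x1234ABCD, os.urandom(160))

if __name__ == "__main__":
    for field, value in observe(SAMPLE).items():
        print(f"{field:13} {value}")
```

Whatever is in the payload, the source address has to be genuine for the other half of the conversation to arrive, and that address is what gets mapped back to a provider account.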

Watch the episode for yourself on ABC.com:

http://dynamic.abc.go.com/streaming/landing

Tuesday, May 29, 2007

Heroes addendum

I guess we will have to wait until next season to find out how Micah's powers actually work, but we did get to see the extent of the damage he could inflict on electronic voting systems.