@paul_ipv6 @briankrebs verisign owned a big chunk of ss7 into the aughts. they divested most of their business units and their #SS7 assets were sold off. i think ss7 might be #twilio and #carlyleGroup's problem to solve, which scares me a little cuz twilio is right in the eye of the hurricane of agentic ai fraud swarms that is forming 😬
it's been parted put to carriers ATT/Verizon/Lumen maintain their own ss7 infra. it's still roaming hubs out there, isn't it?
It's almost 11 years ago since #SS7 vulnarebility has been exposed to the public on the 31. Chaos Communication Congress by Karsten Nohl and his team from @srlabs. And still, this cell phone protocol is the de facto standard without being made safer. Everyone should be aware of this!
@Privacymatters Worth mentioning that "Global Titles" provide access to the #SS7 network and the problems with Signalling Standard 7 -an antique but still used protocol that predates cellular networks- have been known for decades.
Scary bedtime stories for adults.
#ss7 #2fa #surveillance
@licho @osman provide evidence the code @signalapp released is actually being deployed.
git and builds it from source.Not to mention pushing a #Shitcoin-#Scam (#MobileCoin) disqualifies #Signal per very design!
https://www.youtube.com/watch?v=tJoO2uWrX1M
And don't even get me started on the fact.it's not sustainable to run it as a #VCmoneyBurningParty!
Same as identifying users: They already got a #PhoneNumber which in many juristictions one can't even obtain without #ID legally, thus making it super easy to i.e. find and locate a user. Even tze cheapest LEAs can force their local M(V)NOs to #SS7 a specific number...
Again: Signal has a #Honeypot stench, and you better learn proper #E2EE, #SelfCustody and #TechLiteracy because corporations can't pull the 5th [Amendment] on your behalf!
"[...] to provide privacy protection, networks on both ends of the roaming interface must implement the SEPP function. Getting all roaming partners to implement SEPP may be extremely challenging; of the 351 network operators reported to have launched 5G services, only 41 have launched 5G cloud-native architectures according to the Global Mobile Suppliers Association (GSA) as of April 2023. The remaining 310 operators are still using the Non-standalone Architecture (NSA) for 5G, which lets mobile operators bypass the SEPP feature in 5G roaming while still providing the improved speed and reduced latency benefits of the 5G radio access network.
According to interviews with telecommunications security vendors at the Mobile World Congress (MWC) conference in March 2023, only a handful of operators have deployed SEPP, let alone are actually using it. The effect is that many operators are not integrating the security and privacy benefits of the 5G standards when they are deploying 5G networks."
@semicolon
I think therefore Initial Address Message.
"Giải Mã" SS7: Kiến Trúc, Ứng Dụng & Những Điều Cần Biết
👉 Chi tiết: https://www.youtube.com/watch?v=u1EJxM46bgA
SS7 Là Gì? Hé Lộ Giao Thức Quyền Lực Của Viễn Thông & Những Nguy Cơ Bảo Mật
👉 Chi tiết: https://otpsms247.com/signaling-system-7-ss7-la-gi/
@756240d3be0d553b0cd174b3499cffa37fbe8394ee06b9ab50652e314c265fc2 Thanks but is this #SMS related #SS7 attack special to Pixel in any way?
https://www.techtarget.com/whatis/definition/SS7-attack
Do u have further info?
Do you have further info on M2M? Is pixel particularly affected?
https://www.researchgate.net/publication/335487284_Attacks_Against_GSMA's_M2M_Remote_Provisioning_Short_Paper
Remember that SS7 is not secure
What is the best #cellular #soc ?
#baseband #ss7 #firmware #broadband #5G #LTE
Something like this for the #mechaComet phone ... #crowdsupply #kickstarter
n258 5G mmwave - but Quectel is on the list and this hat is bulky (even minus casing) https://selectcommitteeontheccp.house.gov/media/letters/letter-treasury-and-defense-secretaries-chinese-military-company-quectel
#DHS Says #China, #Russia, #Iran, and Israel Are #Spying on People in #US with #SS7
The Department of #HomelandSecurity knows which countries SS7 attacks are primarily originating from. Others include countries in Europe, Africa, and the Middle East.
In the newly released document, #SenatorWyden’s says #DoD confirmed it believes that all US #telecom are vulnerable to SS7 and Diameter #surveillance, and that DoD has not reviewed 3rd-party audits carried out by US carriers
https://www.404media.co/dhs-says-china-russia-iran-and-israel-are-spying-on-people-in-us-with-ss7/
On Mobile Phone Security
https://www.kicksecure.com/wiki/Mobile_Phone_Security
#SS7 and #baseband #vulnerabilities
What about #mobian hardening on a #MechaComet with a cellular hat? Then there's only carrier protocol weaknesses...
If ISPs use microwave relays (the hated 'air' - remember Max Headroom) and NSA access points, is domestic broadband really secure either? But the cable or fiber doesn't have 'carrier' vulns.
https://www.kicksecure.com/wiki/Router_and_Local_Area_Network_Security
#kicksecure #whonix #docs #security-misc
"The Department of Homeland Security (DHS) believes that China, Russia, Iran, and Israel are the “primary” countries exploiting security holes in telecommunications networks to spy on people inside the United States, which can include tracking their physical movements and intercepting calls and texts, according to information released by Senator Ron Wyden.
The news provides more context around use of SS7, the exploited network and protocol, against phones in the country. In May, 404 Media reported that an official inside DHS’s Cybersecurity Insurance and Security Agency (CISA) broke with his department’s official narrative and publicly warned about multiple SS7 attacks on U.S. persons in recent years. Now, the newly disclosed information provides more specifics on where at least some SS7 attacks are originating from."
https://www.404media.co/dhs-says-china-russia-iran-and-israel-are-spying-on-people-in-us-with-ss7/
DHS Says China, Russia, Iran, and Israel Are Spying on People in US with SS7 https://www.404media.co/dhs-says-china-russia-iran-and-israel-are-spying-on-people-in-us-with-ss7/ #ss7 #surveillance
