#ss7 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #ss7, aggregated by home.social.
-
📬 Mobilfunk-Überwachung: Bad Connection – Unsichtbare Angriffe machen dein Handy zur Ortungswanze
#Cyberangriffe #Datenschutz #CitizenLab #MobilfunkÜberwachung #SIMjacker #SmartphoneSicherheit #SS7 #Standortüberwachung #Surveillance #Telekommunikation https://sc.tarnkappe.info/fed2e2 -
📬 Mobilfunk-Überwachung: Bad Connection – Unsichtbare Angriffe machen dein Handy zur Ortungswanze
#Cyberangriffe #Datenschutz #CitizenLab #MobilfunkÜberwachung #SIMjacker #SmartphoneSicherheit #SS7 #Standortüberwachung #Surveillance #Telekommunikation https://sc.tarnkappe.info/fed2e2 -
📬 Mobilfunk-Überwachung: Bad Connection – Unsichtbare Angriffe machen dein Handy zur Ortungswanze
#Cyberangriffe #Datenschutz #CitizenLab #MobilfunkÜberwachung #SIMjacker #SmartphoneSicherheit #SS7 #Standortüberwachung #Surveillance #Telekommunikation https://sc.tarnkappe.info/fed2e2 -
📬 Mobilfunk-Überwachung: Bad Connection – Unsichtbare Angriffe machen dein Handy zur Ortungswanze
#Cyberangriffe #Datenschutz #CitizenLab #MobilfunkÜberwachung #SIMjacker #SmartphoneSicherheit #SS7 #Standortüberwachung #Surveillance #Telekommunikation https://sc.tarnkappe.info/fed2e2 -
📬 Mobilfunk-Überwachung: Bad Connection – Unsichtbare Angriffe machen dein Handy zur Ortungswanze
#Cyberangriffe #Datenschutz #CitizenLab #MobilfunkÜberwachung #SIMjacker #SmartphoneSicherheit #SS7 #Standortüberwachung #Surveillance #Telekommunikation https://sc.tarnkappe.info/fed2e2 -
Bad Connection
Uncovering Global Telecom Exploitation by Covert Surveillance Actors https://citizenlab.ca/research/uncovering-global-telecom-exploitation-by-covert-surveillance-actors/An investigation by the Citizen Lab Team, which uncovers two sophisticated telecom surveillance campaigns and, for the first time, directly links real-world attack traffic to mobile operator signalling infrastructure.
#CyberSecurity #ThreatIntelligence #Surveillance #TelecomSecurity #MobileSecurity #SS7 #NetworkSecurity #CyberEspionage #CitizenLab #Infosec #Privacy #DigitalRights #CyberResearch #SignalInfrastructure #Telecom
-
Bad Connection
Uncovering Global Telecom Exploitation by Covert Surveillance Actors https://citizenlab.ca/research/uncovering-global-telecom-exploitation-by-covert-surveillance-actors/An investigation by the Citizen Lab Team, which uncovers two sophisticated telecom surveillance campaigns and, for the first time, directly links real-world attack traffic to mobile operator signalling infrastructure.
#CyberSecurity #ThreatIntelligence #Surveillance #TelecomSecurity #MobileSecurity #SS7 #NetworkSecurity #CyberEspionage #CitizenLab #Infosec #Privacy #DigitalRights #CyberResearch #SignalInfrastructure #Telecom
-
Bad Connection
Uncovering Global Telecom Exploitation by Covert Surveillance Actors https://citizenlab.ca/research/uncovering-global-telecom-exploitation-by-covert-surveillance-actors/An investigation by the Citizen Lab Team, which uncovers two sophisticated telecom surveillance campaigns and, for the first time, directly links real-world attack traffic to mobile operator signalling infrastructure.
#CyberSecurity #ThreatIntelligence #Surveillance #TelecomSecurity #MobileSecurity #SS7 #NetworkSecurity #CyberEspionage #CitizenLab #Infosec #Privacy #DigitalRights #CyberResearch #SignalInfrastructure #Telecom
-
Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say
The Citizen Lab found two separate surveillance vendors abusing the backbone of cellular networks to spy on several victims across the world.
#cybersecurity #diameter #israel #location-tracking #privacy #security #ss7 #surveillance
https://techcrunch.com/2026/04/23/surveillance-vendors-caught-abusing-access-to-telcos-to-track-peoples-phone-locations-researchers-say/ -
Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say
The Citizen Lab found two separate surveillance vendors abusing the backbone of cellular networks to spy on several victims across the world.
#cybersecurity #diameter #israel #location-tracking #privacy #security #ss7 #surveillance
https://techcrunch.com/2026/04/23/surveillance-vendors-caught-abusing-access-to-telcos-to-track-peoples-phone-locations-researchers-say/ -
Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say
The Citizen Lab found two separate surveillance vendors abusing the backbone of cellular networks to spy on several victims across the world.
#cybersecurity #diameter #israel #location-tracking #privacy #security #ss7 #surveillance
https://techcrunch.com/2026/04/23/surveillance-vendors-caught-abusing-access-to-telcos-to-track-peoples-phone-locations-researchers-say/ -
Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say
The Citizen Lab found two separate surveillance vendors abusing the backbone of cellular networks to spy on several victims across the world.
#cybersecurity #diameter #israel #location-tracking #privacy #security #ss7 #surveillance
https://techcrunch.com/2026/04/23/surveillance-vendors-caught-abusing-access-to-telcos-to-track-peoples-phone-locations-researchers-say/ -
Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say
The Citizen Lab found two separate surveillance vendors abusing the backbone of cellular networks to spy on several victims across the world.
#cybersecurity #diameter #israel #location-tracking #privacy #security #ss7 #surveillance
https://techcrunch.com/2026/04/23/surveillance-vendors-caught-abusing-access-to-telcos-to-track-peoples-phone-locations-researchers-say/ -
It is 2026 and #SS7 still keeps causing trouble... By @citizenlab
#3GPPhttps://citizenlab.ca/research/uncovering-global-telecom-exploitation-by-covert-surveillance-actors/
-
Interesting and comprehensive report about sophisticated telecom surveillance campaigns involving mobile operator signaling infrastructure https://citizenlab.ca/research/uncovering-global-telecom-exploitation-by-covert-surveillance-actors/ and identifying three gateways to surveillance (019Mobile, Airtel Jersey, Tango Networks UK) #3gpp #gsm #gsma #ss7 #diameter
-
Interesting and comprehensive report about sophisticated telecom surveillance campaigns involving mobile operator signaling infrastructure https://citizenlab.ca/research/uncovering-global-telecom-exploitation-by-covert-surveillance-actors/ and identifying three gateways to surveillance (019Mobile, Airtel Jersey, Tango Networks UK) #3gpp #gsm #gsma #ss7 #diameter
-
Interesting and comprehensive report about sophisticated telecom surveillance campaigns involving mobile operator signaling infrastructure https://citizenlab.ca/research/uncovering-global-telecom-exploitation-by-covert-surveillance-actors/ and identifying three gateways to surveillance (019Mobile, Airtel Jersey, Tango Networks UK) #3gpp #gsm #gsma #ss7 #diameter
-
Interesting and comprehensive report about sophisticated telecom surveillance campaigns involving mobile operator signaling infrastructure https://citizenlab.ca/research/uncovering-global-telecom-exploitation-by-covert-surveillance-actors/ and identifying three gateways to surveillance (019Mobile, Airtel Jersey, Tango Networks UK) #3gpp #gsm #gsma #ss7 #diameter
-
Interesting and comprehensive report about sophisticated telecom surveillance campaigns involving mobile operator signaling infrastructure https://citizenlab.ca/research/uncovering-global-telecom-exploitation-by-covert-surveillance-actors/ and identifying three gateways to surveillance (019Mobile, Airtel Jersey, Tango Networks UK) #3gpp #gsm #gsma #ss7 #diameter
-
The cellular network was built in 1985, with zero privacy in mind.
Today, we're talking about the infrastructure vulnerabilities that most people don't know about.
Ep.21 dropped TODAY:
🔹 How fake towers steal your identity
🔹 Why SS7 lets attackers track your location
🔹 And actionable steps to protect yourselfThis isn't fearmongering. It's awareness. And awareness is power.
🎧 Listen: ImpracticalPrivacy.com
#DigitalPrivacy #Privacy #CyberSecurity #Telecom #Stingray #SS7 #5G #Fediverse
-
The cellular network was built in 1985, with zero privacy in mind.
Today, we're talking about the infrastructure vulnerabilities that most people don't know about.
Ep.21 dropped TODAY:
🔹 How fake towers steal your identity
🔹 Why SS7 lets attackers track your location
🔹 And actionable steps to protect yourselfThis isn't fearmongering. It's awareness. And awareness is power.
🎧 Listen: ImpracticalPrivacy.com
#DigitalPrivacy #Privacy #CyberSecurity #Telecom #Stingray #SS7 #5G #Fediverse
-
The cellular network was built in 1985, with zero privacy in mind.
Today, we're talking about the infrastructure vulnerabilities that most people don't know about.
Ep.21 dropped TODAY:
🔹 How fake towers steal your identity
🔹 Why SS7 lets attackers track your location
🔹 And actionable steps to protect yourselfThis isn't fearmongering. It's awareness. And awareness is power.
🎧 Listen: ImpracticalPrivacy.com
#DigitalPrivacy #Privacy #CyberSecurity #Telecom #Stingray #SS7 #5G #Fediverse
-
Your phone is a window into your life. Are you sure the world can't see through it? 👀
Tomorrow, ep.21 of Impractical Privacy.
We go beyond apps and settings to look at the cellular network itself
We're talking about:
📡 IMSI Catchers
🌐 SS7 Exploits
📉 The 5G MythThe infrastructure was built in an era of trust. That era is over.
Privacy isn't just a tool; it's a right
🎧 Listen tomorrow at: ImpracticalPrivacy.com
#DigitalPrivacy #Privacy #CyberSecurity #Telecom #Stingray #SS7 #5G #Fediverse
-
Your phone is a window into your life. Are you sure the world can't see through it? 👀
Tomorrow, ep.21 of Impractical Privacy.
We go beyond apps and settings to look at the cellular network itself
We're talking about:
📡 IMSI Catchers
🌐 SS7 Exploits
📉 The 5G MythThe infrastructure was built in an era of trust. That era is over.
Privacy isn't just a tool; it's a right
🎧 Listen tomorrow at: ImpracticalPrivacy.com
#DigitalPrivacy #Privacy #CyberSecurity #Telecom #Stingray #SS7 #5G #Fediverse
-
Your phone is a window into your life. Are you sure the world can't see through it? 👀
Tomorrow, ep.21 of Impractical Privacy.
We go beyond apps and settings to look at the cellular network itself
We're talking about:
📡 IMSI Catchers
🌐 SS7 Exploits
📉 The 5G MythThe infrastructure was built in an era of trust. That era is over.
Privacy isn't just a tool; it's a right
🎧 Listen tomorrow at: ImpracticalPrivacy.com
#DigitalPrivacy #Privacy #CyberSecurity #Telecom #Stingray #SS7 #5G #Fediverse
-
Your phone is a window into your life. Are you sure the world can't see through it? 👀
Tomorrow, ep.21 of Impractical Privacy.
We go beyond apps and settings to look at the cellular network itself
We're talking about:
📡 IMSI Catchers
🌐 SS7 Exploits
📉 The 5G MythThe infrastructure was built in an era of trust. That era is over.
Privacy isn't just a tool; it's a right
🎧 Listen tomorrow at: ImpracticalPrivacy.com
#DigitalPrivacy #Privacy #CyberSecurity #Telecom #Stingray #SS7 #5G #Fediverse
-
That would be difficult for kids, because it requires lifting the handset, and demonstrating a sense of timing.
-
That would be difficult for kids, because it requires lifting the handset, and demonstrating a sense of timing.
-
That would be difficult for kids, because it requires lifting the handset, and demonstrating a sense of timing.
-
That would be difficult for kids, because it requires lifting the handset, and demonstrating a sense of timing.
-
That would be difficult for kids, because it requires lifting the handset, and demonstrating a sense of timing.
-
Эпические баги: как один Break положил телефонную сеть по всему США в 1990 г
В подразделении, где я работаю, есть традиция - новичку при онбординге вручается ссылка на Wiki с легендарными багами, приведшими к заметным последствиям. Недавно мне пришла в голову идея сделать такую же страницу, но уже со ссылками на Хабр, потому что на русском о багах пишут с бОльшим огоньком. Но, увы, оказалось, что каскадному падению серверов AT&T 15 января 1990 года внимание как-то не уделено. А ведь история получилась, прямо-таки эпическая. Итак, 15 января 1990 года из-за одной строчки кода телефонная сеть AT&T получила 9 часов даунтайма, 70 миллионов несовершенных звонков, а общий убыток насчитали в $60 миллионов еще не инфляционных долларов. И нет, там не было неудачного релиза, развернутого сразу и везде. Все было гораздо интереснее.
https://habr.com/ru/companies/beget/articles/1009300/
#4ESS #SS7 #эпический_баг #ошибка #каскадный_сбой #телекоммуникации #тестирование #1990 #надёжность
-
Эпические баги: как один Break положил телефонную сеть по всему США в 1990 г
В подразделении, где я работаю, есть традиция - новичку при онбординге вручается ссылка на Wiki с легендарными багами, приведшими к заметным последствиям. Недавно мне пришла в голову идея сделать такую же страницу, но уже со ссылками на Хабр, потому что на русском о багах пишут с бОльшим огоньком. Но, увы, оказалось, что каскадному падению серверов AT&T 15 января 1990 года внимание как-то не уделено. А ведь история получилась, прямо-таки эпическая. Итак, 15 января 1990 года из-за одной строчки кода телефонная сеть AT&T получила 9 часов даунтайма, 70 миллионов несовершенных звонков, а общий убыток насчитали в $60 миллионов еще не инфляционных долларов. И нет, там не было неудачного релиза, развернутого сразу и везде. Все было гораздо интереснее.
https://habr.com/ru/companies/beget/articles/1009300/
#4ESS #SS7 #эпический_баг #ошибка #каскадный_сбой #телекоммуникации #тестирование #1990 #надёжность
-
Эпические баги: как один Break положил телефонную сеть по всему США в 1990 г
В подразделении, где я работаю, есть традиция - новичку при онбординге вручается ссылка на Wiki с легендарными багами, приведшими к заметным последствиям. Недавно мне пришла в голову идея сделать такую же страницу, но уже со ссылками на Хабр, потому что на русском о багах пишут с бОльшим огоньком. Но, увы, оказалось, что каскадному падению серверов AT&T 15 января 1990 года внимание как-то не уделено. А ведь история получилась, прямо-таки эпическая. Итак, 15 января 1990 года из-за одной строчки кода телефонная сеть AT&T получила 9 часов даунтайма, 70 миллионов несовершенных звонков, а общий убыток насчитали в $60 миллионов еще не инфляционных долларов. И нет, там не было неудачного релиза, развернутого сразу и везде. Все было гораздо интереснее.
https://habr.com/ru/companies/beget/articles/1009300/
#4ESS #SS7 #эпический_баг #ошибка #каскадный_сбой #телекоммуникации #тестирование #1990 #надёжность
-
Эпические баги: как один Break положил телефонную сеть по всему США в 1990 г
В подразделении, где я работаю, есть традиция - новичку при онбординге вручается ссылка на Wiki с легендарными багами, приведшими к заметным последствиям. Недавно мне пришла в голову идея сделать такую же страницу, но уже со ссылками на Хабр, потому что на русском о багах пишут с бОльшим огоньком. Но, увы, оказалось, что каскадному падению серверов AT&T 15 января 1990 года внимание как-то не уделено. А ведь история получилась, прямо-таки эпическая. Итак, 15 января 1990 года из-за одной строчки кода телефонная сеть AT&T получила 9 часов даунтайма, 70 миллионов несовершенных звонков, а общий убыток насчитали в $60 миллионов еще не инфляционных долларов. И нет, там не было неудачного релиза, развернутого сразу и везде. Все было гораздо интереснее.
https://habr.com/ru/companies/beget/articles/1009300/
#4ESS #SS7 #эпический_баг #ошибка #каскадный_сбой #телекоммуникации #тестирование #1990 #надёжность
-
Someone just attempted to activate #Signalapp on my phone number (I received the SMS verification code all the sudden). Even if they would have some #SS7 hack going on where they can get a duplicate of the SMS, I actually do have a registration lock enabled. (*)
However, it could also be someone making a mistake entering their phone number during setup.
*) https://support.signal.org/hc/en-us/articles/360007059792-Signal-PIN
-
Someone just attempted to activate #Signalapp on my phone number (I received the SMS verification code all the sudden). Even if they would have some #SS7 hack going on where they can get a duplicate of the SMS, I actually do have a registration lock enabled. (*)
However, it could also be someone making a mistake entering their phone number during setup.
*) https://support.signal.org/hc/en-us/articles/360007059792-Signal-PIN
-
Someone just attempted to activate #Signalapp on my phone number (I received the SMS verification code all the sudden). Even if they would have some #SS7 hack going on where they can get a duplicate of the SMS, I actually do have a registration lock enabled. (*)
However, it could also be someone making a mistake entering their phone number during setup.
*) https://support.signal.org/hc/en-us/articles/360007059792-Signal-PIN
-
Someone just attempted to activate #Signalapp on my phone number (I received the SMS verification code all the sudden). Even if they would have some #SS7 hack going on where they can get a duplicate of the SMS, I actually do have a registration lock enabled. (*)
However, it could also be someone making a mistake entering their phone number during setup.
*) https://support.signal.org/hc/en-us/articles/360007059792-Signal-PIN
-
Someone just attempted to activate #Signalapp on my phone number (I received the SMS verification code all the sudden). Even if they would have some #SS7 hack going on where they can get a duplicate of the SMS, I actually do have a registration lock enabled. (*)
However, it could also be someone making a mistake entering their phone number during setup.
*) https://support.signal.org/hc/en-us/articles/360007059792-Signal-PIN
-
The year is 2027. Email is #unreliable; little gets past #Gmail filters without a contract to receive your #email. #Governments don't stop it because (a) they have a contract, and (b) they don't understand how email works. Or worked.
#Tech companies finally realize that #SS7 is #insecure. Phone calls and texts can't be #trusted. Machine-learning-generated ("AI") audio and video means video and voice calls are doubly cursed - too many #FAANG executives have had embarrassing public #failures, falling #victim to the corporate equivalent of the grandparent #scam.
Few people use #TOTP, because the tech #companies don't promote it, they each call it something else and make it work differently, and they all want you to use their "app" rather than the standard 3-line script that can generate the correct code given a key and the current timestamp. The technically-minded try to educate their relatives and friends as part of the free-tech-support assumption, but no one cares.
#Account #recovery now involves waiting at home to sign for an envelope delivered by the lowest-cost (and therefore bribe-able) courier to the #registered home address of the account. Millions each year lose their email, #photos, videos, "purchased" digital #content, password vaults, etc because they've moved since they set up the account, or they have a P.O. box and companies don't believe those #exist.
The #internet is a vast digital #wasteland - wait, a saviour onstage: "Walled Garden-Net!".
Burn it.
-
The year is 2027. Email is #unreliable; little gets past #Gmail filters without a contract to receive your #email. #Governments don't stop it because (a) they have a contract, and (b) they don't understand how email works. Or worked.
#Tech companies finally realize that #SS7 is #insecure. Phone calls and texts can't be #trusted. Machine-learning-generated ("AI") audio and video means video and voice calls are doubly cursed - too many #FAANG executives have had embarrassing public #failures, falling #victim to the corporate equivalent of the grandparent #scam.
Few people use #TOTP, because the tech #companies don't promote it, they each call it something else and make it work differently, and they all want you to use their "app" rather than the standard 3-line script that can generate the correct code given a key and the current timestamp. The technically-minded try to educate their relatives and friends as part of the free-tech-support assumption, but no one cares.
#Account #recovery now involves waiting at home to sign for an envelope delivered by the lowest-cost (and therefore bribe-able) courier to the #registered home address of the account. Millions each year lose their email, #photos, videos, "purchased" digital #content, password vaults, etc because they've moved since they set up the account, or they have a P.O. box and companies don't believe those #exist.
The #internet is a vast digital #wasteland - wait, a saviour onstage: "Walled Garden-Net!".
Burn it.
-
The year is 2027. Email is #unreliable; little gets past #Gmail filters without a contract to receive your #email. #Governments don't stop it because (a) they have a contract, and (b) they don't understand how email works. Or worked.
#Tech companies finally realize that #SS7 is #insecure. Phone calls and texts can't be #trusted. Machine-learning-generated ("AI") audio and video means video and voice calls are doubly cursed - too many #FAANG executives have had embarrassing public #failures, falling #victim to the corporate equivalent of the grandparent #scam.
Few people use #TOTP, because the tech #companies don't promote it, they each call it something else and make it work differently, and they all want you to use their "app" rather than the standard 3-line script that can generate the correct code given a key and the current timestamp. The technically-minded try to educate their relatives and friends as part of the free-tech-support assumption, but no one cares.
#Account #recovery now involves waiting at home to sign for an envelope delivered by the lowest-cost (and therefore bribe-able) courier to the #registered home address of the account. Millions each year lose their email, #photos, videos, "purchased" digital #content, password vaults, etc because they've moved since they set up the account, or they have a P.O. box and companies don't believe those #exist.
The #internet is a vast digital #wasteland - wait, a saviour onstage: "Walled Garden-Net!".
Burn it.
-
The year is 2027. Email is #unreliable; little gets past #Gmail filters without a contract to receive your #email. #Governments don't stop it because (a) they have a contract, and (b) they don't understand how email works. Or worked.
#Tech companies finally realize that #SS7 is #insecure. Phone calls and texts can't be #trusted. Machine-learning-generated ("AI") audio and video means video and voice calls are doubly cursed - too many #FAANG executives have had embarrassing public #failures, falling #victim to the corporate equivalent of the grandparent #scam.
Few people use #TOTP, because the tech #companies don't promote it, they each call it something else and make it work differently, and they all want you to use their "app" rather than the standard 3-line script that can generate the correct code given a key and the current timestamp. The technically-minded try to educate their relatives and friends as part of the free-tech-support assumption, but no one cares.
#Account #recovery now involves waiting at home to sign for an envelope delivered by the lowest-cost (and therefore bribe-able) courier to the #registered home address of the account. Millions each year lose their email, #photos, videos, "purchased" digital #content, password vaults, etc because they've moved since they set up the account, or they have a P.O. box and companies don't believe those #exist.
The #internet is a vast digital #wasteland - wait, a saviour onstage: "Walled Garden-Net!".
Burn it.
-
The year is 2027. Email is #unreliable; little gets past #Gmail filters without a contract to receive your #email. #Governments don't stop it because (a) they have a contract, and (b) they don't understand how email works. Or worked.
#Tech companies finally realize that #SS7 is #insecure. Phone calls and texts can't be #trusted. Machine-learning-generated ("AI") audio and video means video and voice calls are doubly cursed - too many #FAANG executives have had embarrassing public #failures, falling #victim to the corporate equivalent of the grandparent #scam.
Few people use #TOTP, because the tech #companies don't promote it, they each call it something else and make it work differently, and they all want you to use their "app" rather than the standard 3-line script that can generate the correct code given a key and the current timestamp. The technically-minded try to educate their relatives and friends as part of the free-tech-support assumption, but no one cares.
#Account #recovery now involves waiting at home to sign for an envelope delivered by the lowest-cost (and therefore bribe-able) courier to the #registered home address of the account. Millions each year lose their email, #photos, videos, "purchased" digital #content, password vaults, etc because they've moved since they set up the account, or they have a P.O. box and companies don't believe those #exist.
The #internet is a vast digital #wasteland - wait, a saviour onstage: "Walled Garden-Net!".
Burn it.
-
[Перевод] Хороший, Плохой, Расширенный: SS7 атака с использованием расширенных тэгов
Есть два типа операций в SS7, друг мой: безобидные... и те, что держат револьвер... ... Это, конечно, утрирование. Однако, как и герои спагетти-вестернов, операции в SS7 предстают перед нами в полном своем разнообразии и глубине, и иногда их сложно распарсить, а главное - обработать безопасно для абонента. Неверная обработка операций (команд) в SS7 (они же PDUs), несет за собой серьезные риски и потенциально может привести к угрозам уровня уязвимостей нулевого дня, открывая широкий спектр возможных атак.
-
[Перевод] Хороший, Плохой, Расширенный: SS7 атака с использованием расширенных тэгов
Есть два типа операций в SS7, друг мой: безобидные... и те, что держат револьвер... ... Это, конечно, утрирование. Однако, как и герои спагетти-вестернов, операции в SS7 предстают перед нами в полном своем разнообразии и глубине, и иногда их сложно распарсить, а главное - обработать безопасно для абонента. Неверная обработка операций (команд) в SS7 (они же PDUs), несет за собой серьезные риски и потенциально может привести к угрозам уровня уязвимостей нулевого дня, открывая широкий спектр возможных атак.
-
[Перевод] Хороший, Плохой, Расширенный: SS7 атака с использованием расширенных тэгов
Есть два типа операций в SS7, друг мой: безобидные... и те, что держат револьвер... ... Это, конечно, утрирование. Однако, как и герои спагетти-вестернов, операции в SS7 предстают перед нами в полном своем разнообразии и глубине, и иногда их сложно распарсить, а главное - обработать безопасно для абонента. Неверная обработка операций (команд) в SS7 (они же PDUs), несет за собой серьезные риски и потенциально может привести к угрозам уровня уязвимостей нулевого дня, открывая широкий спектр возможных атак.
-
[Перевод] Хороший, Плохой, Расширенный: SS7 атака с использованием расширенных тэгов
Есть два типа операций в SS7, друг мой: безобидные... и те, что держат револьвер... ... Это, конечно, утрирование. Однако, как и герои спагетти-вестернов, операции в SS7 предстают перед нами в полном своем разнообразии и глубине, и иногда их сложно распарсить, а главное - обработать безопасно для абонента. Неверная обработка операций (команд) в SS7 (они же PDUs), несет за собой серьезные риски и потенциально может привести к угрозам уровня уязвимостей нулевого дня, открывая широкий спектр возможных атак.
-
Privacy Cell warnt vor unsicheren 2G/3G-Netzen (SS7-anfällig) & IMSI-Catchern – checkt deine Mobilfunkprotokolle für mehr Sicherheit! 📱🔍 Open-Source-App auf F-Droid. https://f-droid.org/en/packages/com.stoutner.privacycell/ #Privacy #FOSS #Datenschutz #SS7
#MeeMeep xD