mastodon.xyz is one of the many independent Mastodon servers you can use to participate in the fediverse.
A Mastodon instance, open to everyone, but mainly English and French speaking.


#ss7

Replied in thread

@lauren

And here we are today, with not millions of dollars, one can set up an NVO and send SMS Spam because SS7 is not secure.

The original thinking was that if they had physical security of the wires, there would be logical security.

But, as the networks evolved, the old thinking did not.

Replied in thread

@licho @osman provide evidence the code @signalapp released is actually being deployed.

Not to mention pushing a #Shitcoin-#Scam (#MobileCoin) disqualifies #Signal per very design!
youtube.com/watch?v=tJoO2uWrX1M

  • Given the collection of #PII like #PhoneNumbers, the ability to restrict functionality based off those and the fact that #Signal is subject to #CloudAct make it inherently not trustworthy.

And don't even get me started on the fact it's not sustainable to run it as a #VCmoneyBurningParty!

Same as identifying users: They already got a #PhoneNumber which in many jurisdictions one can't even obtain without #ID legally, thus making it super easy to i.e. find and locate a user. Even the cheapest LEAs can force their local M(V)NOs to #SS7 a specific number...

  • All these are unnecessary risks, that could've been avoided, but explicitly don't even get remediated retroactively!

Again: Signal has a #Honeypot stench, and you better learn proper #E2EE, #SelfCustody and #TechLiteracy because corporations can't pull the 5th [Amendment] on your behalf!

On Mobile Phone Security
kicksecure.com/wiki/Mobile_Pho
#SS7 and #baseband #vulnerabilities

What about #mobian hardening on a #MechaComet with a cellular hat? Then there's only carrier protocol weaknesses...

If ISPs use microwave relays (the hated 'air' - remember Max Headroom) and NSA access points, is domestic broadband really secure either? But the cable or fiber doesn't have 'carrier' vulns.
kicksecure.com/wiki/Router_and

#kicksecure #whonix #docs #security-misc

Kicksecure · Mobile Devices Privacy and Security
Mobile devices security and data harvesting. Mobile security best practices and preventative measures against security breaches, data leaks, SIM Swapping Attacks, and more.

"The Department of Homeland Security (DHS) believes that China, Russia, Iran, and Israel are the “primary” countries exploiting security holes in telecommunications networks to spy on people inside the United States, which can include tracking their physical movements and intercepting calls and texts, according to information released by Senator Ron Wyden.

The news provides more context around use of SS7, the exploited network and protocol, against phones in the country. In May, 404 Media reported that an official inside DHS’s Cybersecurity Insurance and Security Agency (CISA) broke with his department’s official narrative and publicly warned about multiple SS7 attacks on U.S. persons in recent years. Now, the newly disclosed information provides more specifics on where at least some SS7 attacks are originating from."

404media.co/dhs-says-china-rus

404 Media · DHS Says China, Russia, Iran, and Israel Are Spying on People in US with SS7
The Department of Homeland Security knows which countries SS7 attacks are primarily originating from. Others include countries in Europe, Africa, and the Middle East.

"#China #Russia #Iran & #Israel are spying on Americans using telecom weaknesses.
-DHS

All US carriers vulnerable to some extent.

We know this thanks to Sen Wyden's tireless work to expose #SS7 & #Diameter vulnerabilities.

Global NET for routing calls:

Requests are trusted by default. Whatever operator they come from!

Since requests can let you do things like intercept calls, texts & track phones locations..."
-J Scott-Railton

#Telecommunications #Surveillance

404media.co/dhs-says-china-rus

#InfoSec #Privacy #SS7 #Veritasium
Exposing The Flaw In Our #Phone System

A massive thank you to #AlexandreDeOliveira and #KarstenNohl for making this demo possible.

00:00 I hacked Linus!
00:59 How #SteveJobs and #SteveWozniak hacked the telephone network
02:22 Early history of the telephone
07:08 The kidnapping of #SheikhaLatifa
08:41 How Signalling System No. 7 works
11:03 Why SS7 is vulnerable to hacking
12:15 How hackers gain access to phones
16:17 How I was able to spy on Linus’ phone
18:09 How hackers can intercept text messages
21:04 How your location can be tracked via SS7
29:03 How to protect your phone from hacking
https://www.youtube.com/watch?v=wVyu7NB7W6Y

The telecom companies and the Minister for Digitalisation want to fight #smishing - #svindel (fraud) via SMS - by having AI trawl through all our SMS messages like some kind of spam filter, instead of working on getting control of the global access to the #SS7 protocol, which gives access to #spoofing. They want to catch the fox once it has got into the henhouse, before it eats the hens. It's probably cheaper and faster, but also stupid. #dkpol 1/2

Replied in thread

@shaknais Yeah, but that's a general issue that won't go away that way.

If your #NatSec can be compromised by #SS7 and your military personnel doesn't employ basic #ITsec, #InfoSec, #OpSec & #ComSec, then I'd call that criminal neglect and at that level one may just give up on the entire illusion of NatSec instead.

OFC #GSM itself is full of Govware-#Backdoors ranging from the A5/x - series of ciphers to its core structure, but sadly we now got that shitshow and have to work around it.

A #PSA for anyone living, staying, entering or even travelling to/from #Australia:

Apparently, #Australia decided to mandate its #GSM systems to be shut down because some #GalaxyBrainChair wanted to yeet #2G & #3G and demand everything to use #4G & #5G when in fact #VoLTE support is spotty at best and #EmergencyCalling oftentimes is explicitly hardcoded to not use #WIFIcalling or VoLTE as providing #triangulation and #LocationData via #SS7 is a desired feature when someone calls EMS, Fire Dept or the Police for help...

  • So essentially #tourists and anyone who hasn't an explicitly fully VoLTE-functional device they tested and verified to also do #EmergencyCalls via VoLTE are fecked with no reception when they need it the most!

  • This WILL KILL PEOPLE!!!

As much as we want to bitch about #GSM & #GPRS / #UMTS being #outdated and #inefficient, there are reasons to at least keep 2G available - ranging from lower power consumption to higher resilience in emergency situations.

  • #NewZealand for example does shut down non-#EmergencyCalls during severe #Earthquakes so that people trapped and/or in need of urgent assistance can get through to dispatch operators and everyone else has to get in line and take a number aka. use #SMS or if existing #Internet to say "I'm fine!"...

  • If the Ozzies really need that juicy #UHF #SubGHz #Spectrum it's totally feasible to instead change the #allocations and reconfigure #CellularNetworks to use lesser bandwidth for 2G (i.e. only keeping the absolute minimum of channels available for any service) and thus clear up space...

And to add insult to injury, Australia passed a #NorthKorea|n-alike #CellPhone #ImportBan for any device that doesn't do i.e. the bespoke proprietary garbage that i.e. #Telstra, #Vodafone and #Optus do with the #baseband modems of their #branded devices...

Seriously, which #TechIlliterate dickhead decided it's a good idea to do that #3Gshutdown in Australia without even a basic 2G network up and running at all?