#ss7
@licho @osman provide evidence the code @signalapp released is actually being deployed.
- Whereas @monocles has #ReproducibleBuilds to the point that @fdroidorg literally pulls their
gitand builds it from source.
Not to mention pushing a #Shitcoin-#Scam (#MobileCoin) disqualifies #Signal per very design!
https://www.youtube.com/watch?v=tJoO2uWrX1M
- Given the collection of #PII like #PhoneNumbers, the ability to restrict functionality based off those and the fact that #Signal is subject to #CloudAct make it inherently not trustworthy.
And don't even get me started on the fact.it's not sustainable to run it as a #VCmoneyBurningParty!
- As soon as Signal becomes a problem, it will be taken offline, and due to the fact that it is #centralized, #proprietary, #SingleVendor & #SingleProvider that's trivial for authorities.
Same as identifying users: They already got a #PhoneNumber which in many juristictions one can't even obtain without #ID legally, thus making it super easy to i.e. find and locate a user. Even tze cheapest LEAs can force their local M(V)NOs to #SS7 a specific number...
- All these are unnecessary risks, that could've been avoided, but explicitly don't even get remediated retroactively!
Again: Signal has a #Honeypot stench, and you better learn proper #E2EE, #SelfCustody and #TechLiteracy because corporations can't pull the 5th [Amendment] on your behalf!
I doubt Hegseth can spell Metadata when sober.
"Giải Mã" SS7: Kiến Trúc, Ứng Dụng & Những Điều Cần Biết
SS7 Là Gì? Hé Lộ Giao Thức Quyền Lực Của Viễn Thông & Những Nguy Cơ Bảo Mật
Chi tiết: https://otpsms247.com/signaling-system-7-ss7-la-gi/
#DHS Says #China, #Russia, #Iran, and Israel Are #Spying on People in #US with #SS7
The Department of #HomelandSecurity knows which countries SS7 attacks are primarily originating from. Others include countries in Europe, Africa, and the Middle East.
In the newly released document, #SenatorWyden’s says #DoD confirmed it believes that all US #telecom are vulnerable to SS7 and Diameter #surveillance, and that DoD has not reviewed 3rd-party audits carried out by US carriers
https://www.404media.co/dhs-says-china-russia-iran-and-israel-are-spying-on-people-in-us-with-ss7/
On Mobile Phone Security
https://www.kicksecure.com/wiki/Mobile_Phone_Security
#SS7 and #baseband #vulnerabilities
What about #mobian hardening on a #MechaComet with a cellular hat? Then there's only carrier protocol weaknesses...
If ISPs use microwave relays (the hated 'air' - remember Max Headroom) and NSA access points, is domestic broadband really secure either? But the cable or fiber doesn't have 'carrier' vulns.
https://www.kicksecure.com/wiki/Router_and_Local_Area_Network_Security
#kicksecure #whonix #docs #security-misc
Schöne neue Welt sagte schon Huxley.
https://www.404media.co/dhs-says-china-russia-iran-and-israel-are-spying-on-people-in-us-with-ss7/
"The Department of Homeland Security (DHS) believes that China, Russia, Iran, and Israel are the “primary” countries exploiting security holes in telecommunications networks to spy on people inside the United States, which can include tracking their physical movements and intercepting calls and texts, according to information released by Senator Ron Wyden.
The news provides more context around use of SS7, the exploited network and protocol, against phones in the country. In May, 404 Media reported that an official inside DHS’s Cybersecurity Insurance and Security Agency (CISA) broke with his department’s official narrative and publicly warned about multiple SS7 attacks on U.S. persons in recent years. Now, the newly disclosed information provides more specifics on where at least some SS7 attacks are originating from."
https://www.404media.co/dhs-says-china-russia-iran-and-israel-are-spying-on-people-in-us-with-ss7/
DHS Says China, Russia, Iran, and Israel Are Spying on People in US with SS7 https://www.404media.co/dhs-says-china-russia-iran-and-israel-are-spying-on-people-in-us-with-ss7/ #ss7 #surveillance
"#China #Russia #Iran & #Israel are spying on Americans using telecom weaknesses.
-DHS
All US carriers vulnerable to some extent.
We know this thanks to Sen
Wyden's tireless work to expose #SS7 & #Diameter vulnerabilities.
Global NET for routing calls:
Requests are trusted by default. Whatever operator they come from!
Since requests can let you do things like intercept calls, texts & track phones locations..."
-J Scott-Railton
#Telecommunications #Surveillance
https://www.404media.co/dhs-says-china-russia-iran-and-israel-are-spying-on-people-in-us-with-ss7/
If you are not familiar with telephony attacks, this is worth a watch.
32 Minutes.
Exposing The Flaw In Our Phone System
Exposing The Flaw In Our #Phone Systemhttps://www.youtube.com/watch?v=wVyu7NB7W6Y
A massive thank you to #AlexandreDeOliveira and #KarstenNohl making this demo possible.
00:00 I hacked Linus!
00:59 How #SteveJobs and #SteveWozniak hacked the telephone network
02:22 Early history of the telephone
07:08 The kidnapping of #SheikhaLatifa
08:41 How Signalling System No. 7 works
11:03 Why SS7 is vulnerable to hacking
12:15 How hackers gain access to phones
16:17 How I was able to spy on Linus’ phone
18:09 How hackers can intercept text messages
21:04 How your location can be tracked via SS7
29:03 How to protect your phone from hacking
Teleselskaberne og digitaliseringsministeren vil bekæmpe #smishing - #svindel via SMS - ved at AI skal gennemtravle alle vores SMS'er som et andet spamfilter i stedet for at arbejde på at få styr på den globale adgang til #SS7 protokollen, der giver adgang til #spoofing. De vil fange ræven, når den er kommet ind i hønsegården før den spiser hønsene. Det er sikkert billigere og hurtigere, men også dumt. #dkpol 1/2
SS7 is not secure, so besides the SMS, there is no reason that the call setup can not be rerouted thru a MITM.
Don't. SS7 is not secure.
Even if you encrypt the payload, traffic analysis can reveal the parties.