Hmm, instead of securing their networks and pushing for better security standards they'll cut access to one fish. Is that an ideal strategy? Some other bigger meaner fish will still use those vulnerabilities. I was wondering if the GSMA is or should regularly perform security audits.
https://www.gsma.com/security/gsma-mobile-security-research-acknowledgements...
Or perhaps award publicly visible badges of honor to those mobile networks that are not vulnerable to similar attacks.
I mean, how many companies do we know that publicly stated: "Hello, our mobile users, btw. we fixed those vulnerabilities in our network! You should now be better protected."
I never got any such information from any of my providers. Did you?
Beste Grüsse, Regards si s-auzim de bine Florin Sfetea
On Friday, May 19, 2023, 12:00:21 PM GMT+2, swinog-request@lists.swinog.ch wrote:
Today's Topics:
1. Re: Sicherheit von SS7 - mit Schweiz-Bezug (Ralph Krämer)
----------------------------------------------------------------------
Message: 1
Date: Thu, 18 May 2023 22:33:17 +0200 (CEST)
From: Ralph Krämer ralph.kraemer@vable.ch
Subject: [swinog] Re: Sicherheit von SS7 - mit Schweiz-Bezug
To: swinog swinog@lists.swinog.ch
Message-ID: 172298345.199.1684441997706.JavaMail.zimbra@vable.ch
Content-Type: text/plain; charset=utf-8
nice : https://www.spiegel.de/netzwelt/netzpolitik/andreas-fink-mobilfunkverband-ge...
about time ;-)
----- On 15 May 2023 at 13:31, Florin Sfetea via swinog swinog@lists.swinog.ch wrote:
Hello all,
I was reading this old (2018) ENISA Report: https://www.enisa.europa.eu/publications/signalling-security-in-telecom-ss7-... It might help in some way, but reading it reminded me of ARP spoofing/poisoning attacks, which even today are still used and work in a lot of networks that I have been in. :)
One year later I opened a case with Salt where I requested a public statement that they had fixed/mediated the issues discovered up to that time (March 2019) or at least that a remediation plan was in place.
Someone from Support answered that "The introduction of 5G will only take place if data security is guaranteed for our customers and we can assume that the security issue will not lead to a delay in the introduction of 5G."
I was not satisfied ::)) with the answer and requested an escalation.
They eventually closed my case in July 2019 with:
"Dear Sir,
Salt follows industry best practices in terms of security for its entire mobile infrastructures and improves constantly the protection of its mobile infrastructures and customers. The case you mention is known and has been addressed accordingly."
No public statement nor such other mentions of which fix was exactly addressed.
I don't have anything with any mobile provider. At that time it just happened to be Salt. I move from time to time to different other ones.
I think we should have here in Switzerland an organization more or less similar to ENISA that should supervise and perform regular audits on mobile providers. Melani/NCSC, would that fit your bill?
I never really had time to further test if any of those vulnerabilities or newer ones were actually fixed. Someone should definitely do it. Free for fame or paid from a government branch is to https://www.gsma.com/security/gsma-mobile-security-research-acknowledgements...
Regards, Florin
swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-leave@lists.swinog.ch
End of swinog Digest, Vol 219, Issue 11
to my knowledge, SS7 is the remedy for in-band signalling, which was abused widely. nevertheless, SS7 is widely known to be vulnerable and nearly 50 years old. since the global telephony system is impossible to migrate to anything more clever and better shortly, limiting access to well-behaving entities is (IMHO) a good approach.
network operators HAVE limited access to SS7 for the end user already long ago - I remember it was possible, even for end users, to do nasty things in the early ISDN days by sending spoofed messages through the D channel. this was quickly addressed.
the current incident is about someone with deep knowledge of SS7 and its sensitive spots. that guy provided access to SS7 to (any?) parties as a paid service and (it would not surprise me) consulting about how to exploit it.
you won't provide razor blades to toddlers for a good reason - but you can't demand to make razor blades safe for toddlers. ;-)
to my understanding, he should have taken measures to prevent abuse of his service by his customers. since (some) of his customers only used his service for exploiting and he got paid for providing it, he did not seem to 'have a word' with those exploiting customers, instead money was more important.
There are (really) a lot of infrastructure services that rely on old insecure technology - just think of tracking 'Santa Claus' on flight radar. this is funny - but in the end just sending spoofed data to ACARS.
some infrastructure implementations are too big to allow exploits - and too old and widely spread to make changes. SS7 does (to my knowledge) not have any security features. limiting access is mandatory.
If I'm technically wrong about SS7 and other options I would gladly learn about alternatives.
Have a nice weekend ;-)
Ralph
----- On 19 May 2023 at 22:42, f_sfetea--- via swinog swinog@lists.swinog.ch wrote:
Hmm, instead of securing their networks and pushing for better security standards they'll cut access to one fish. Is that an ideal strategy? Some other bigger meaner fish will still use those vulnerabilities. I was wondering if the GSMA is or should regularly perform security audits.
https://www.gsma.com/security/gsma-mobile-security-research-acknowledgements...
Or perhaps award publicly visible badges of honor to those mobile networks that are not vulnerable to similar attacks.
I mean, how many companies do we know that publicly stated: "Hello, our mobile users, btw. we fixed those vulnerabilities in our network! You should now be better protected."
I never got any such information from any of my providers. Did you?
Beste Grüsse, Regards si s-auzim de bine Florin Sfetea