|
|
|
|
|
|
by Liblor
2251 days ago
|
|
|
A professor at my University mentioned that when he was a student, the professors at that time claimed that the security of BGP is a solved problem and nobody is going to talk about it in ~2 years. This was +20 years ago. He has spent a lot of his research on an alternative for BGP called SCION[1], as the adaption of BGPSec is not very straight forward and rather an ugly fix.
I think it is pretty interesting that the problems of BGP are not discussed more widely and often. [1] https://www.scion-architecture.net/ |
|
|
SS7 networks are basically wide open, with no auth and anyone can get an SS7 hub for cheap and start sending nefarious commands to peoples handsets. They can forward or record calls and read SMS. They can track you or they could just be a jerk and keep rebooting your phone. Worse still it can be used to intercept 2FA codes over SMS, which is the approach a lot of banks are taking for personal account security. intelligence agencies are without a doubt using it for intercepting and tracking.
The Telcos are lost with how to address the issues combined with cost considerations, so most are taking the approach of hoping it stays out of the news and waiting for it to eventually be deprecated from the network.