MastodonTech.de

Kevin Karhan :verified:<a href="https://fedifreu.de/@cryptgoat" class="u-url mention" rel="nofollow noopener" target="_blank">@cryptgoat</a> ja, nur ist es quasi illegal <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@signalapp</a> / <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#Signal</a> <a href="https://infosec.space/tags/anonym" class="mention hashtag" rel="nofollow noopener" target="_blank">#anonym</a> (also faktisch nur <a href="https://infosec.space/tags/pseudonym" class="mention hashtag" rel="nofollow noopener" target="_blank">#pseudonym</a>, weil stets korrelierbar qua <a href="https://infosec.space/tags/Rufnummer" class="mention hashtag" rel="nofollow noopener" target="_blank">#Rufnummer</a> -> <a href="https://infosec.space/tags/ICCID" class="mention hashtag" rel="nofollow noopener" target="_blank">#ICCID</a> -> <a href="https://infosec.space/tags/IMSI" class="mention hashtag" rel="nofollow noopener" target="_blank">#IMSI</a> -> <a href="https://infosec.space/tags/IMEI" class="mention hashtag" rel="nofollow noopener" target="_blank">#IMEI</a> -> <a href="https://infosec.space/tags/Location" class="mention hashtag" rel="nofollow noopener" target="_blank">#Location</a>) zu nutzen.<ul><li>Seit 07/2017 sind anonyme <a href="https://infosec.space/tags/SIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#SIM</a>-Karten faktisch illegal und ne SIM mir Rufnummer ist ne <a href="https://infosec.space/tags/Paywall" class="mention hashtag" rel="nofollow noopener" target="_blank">#Paywall</a> die faktisch teurer ist als nen <a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@monocles</a> - Abo.</li></ul>Allein die notwendigen <a href="https://infosec.space/tags/Workarounds" class="mention hashtag" rel="nofollow noopener" target="_blank">#Workarounds</a> sind so heftig paywalled dass es eher sinn macht 1h Hands-on - Training zu investieren...<ul><li>Von den <a href="https://infosec.space/@kkarhan/114234551915193036" rel="nofollow noopener" target="_blank">Problemen die Signal hat</a> ganz zu schweigen...</li></ul><a href="https://fedifreu.de/@cryptgoat/114705198216850106" rel="nofollow noopener" translate="no" target="_blank">https://fedifreu.de/@cryptgoat/114705198216850106</a>

Kevin Karhan :verified:<a href="https://mstdn.jp/@landley" class="u-url mention" rel="nofollow noopener" target="_blank">@landley</a> <a href="https://mstdn.social/@jschauma" class="u-url mention" rel="nofollow noopener" target="_blank">@jschauma</a> <a href="https://infosec.exchange/@ryanc" class="u-url mention" rel="nofollow noopener" target="_blank">@ryanc</a> <a href="https://infosec.exchange/@0xabad1dea" class="u-url mention" rel="nofollow noopener" target="_blank">@0xabad1dea</a> yeah, the exhaustion problem would've been shoved back with a <a href="https://infosec.space/tags/64bit" class="mention hashtag" rel="nofollow noopener" target="_blank">#64bit</a> or sufficiently delayed by a 40bit number.Unless we also hate <a href="https://infosec.space/tags/NAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#NAT</a> and expect every device to have a unique static <a href="https://infosec.space/tags/IP" class="mention hashtag" rel="nofollow noopener" target="_blank">#IP</a> (which is a <a href="https://infosec.space/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacy</a> nightmare at best that "<a href="https://infosec.space/tags/PrivacyExtensions" class="mention hashtag" rel="nofollow noopener" target="_blank">#PrivacyExtensions</a>" barely fixed.) <ul><li>I mean they could've also gone the <a href="https://infosec.space/tags/DECnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#DECnet</a> approach and use the <a href="https://infosec.space/tags/EUI48" class="mention hashtag" rel="nofollow noopener" target="_blank">#EUI48</a> / <a href="https://infosec.space/tags/MAC" class="mention hashtag" rel="nofollow noopener" target="_blank">#MAC</a>-Address (or <a href="https://infosec.space/tags/EUI64" class="mention hashtag" rel="nofollow noopener" target="_blank">#EUI64</a>) as static addressing system, but that would've made <a href="https://infosec.space/tags/vendors" class="mention hashtag" rel="nofollow noopener" target="_blank">#vendors</a> and not <a href="https://infosec.space/tags/ISPs" class="mention hashtag" rel="nofollow noopener" target="_blank">#ISPs</a> the powerful forces of allocation. (Similar to how technically the <a href="https://infosec.space/tags/ICCID" class="mention hashtag" rel="nofollow noopener" target="_blank">#ICCID</a> dictates <a href="https://infosec.space/tags/GSM" class="mention hashtag" rel="nofollow noopener" target="_blank">#GSM</a> / <a href="https://infosec.space/tags/4G" class="mention hashtag" rel="nofollow noopener" target="_blank">#4G</a> / <a href="https://infosec.space/tags/5G" class="mention hashtag" rel="nofollow noopener" target="_blank">#5G</a> access and not the <a href="https://infosec.space/tags/IMEI" class="mention hashtag" rel="nofollow noopener" target="_blank">#IMEI</a> unless places like Australia ban imported devices.</li></ul> I guess using a <a href="https://infosec.space/tags/128bit" class="mention hashtag" rel="nofollow noopener" target="_blank">#128bit</a> address space was inspired by <a href="https://infosec.space/tags/ZFS" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZFS</a> doing the same before, as the folks who designed both wanted to design a solution that clearly will outlive them (way harder than COBOL has outlived Grace Hopper)...<ul><li>Personally I've only had headaches with <a href="https://infosec.space/tags/IPv6" class="mention hashtag" rel="nofollow noopener" target="_blank">#IPv6</a> because not only do I only have <a href="https://infosec.space/tags/IPv4only" class="mention hashtag" rel="nofollow noopener" target="_blank">#IPv4only</a> <a href="https://infosec.space/tags/Internet" class="mention hashtag" rel="nofollow noopener" target="_blank">#Internet</a> but my <a href="https://infosec.space/tags/ISP" class="mention hashtag" rel="nofollow noopener" target="_blank">#ISP</a> refuses to allocate even a singe /64 to me (but has no problem throwing in a free /29 of <a href="https://infosec.space/tags/IPv4" class="mention hashtag" rel="nofollow noopener" target="_blank">#IPv4</a>'s in with my contract!)and stuff like <a href="https://infosec.space/tags/HurricaneElectric" class="mention hashtag" rel="nofollow noopener" target="_blank">#HurricaneElectric</a> / <a href="https://infosec.space/tags/HEnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#HEnet</a>'s <a href="https://infosec.space/tags/Tunnelbroker" class="mention hashtag" rel="nofollow noopener" target="_blank">#Tunnelbroker</a> fail face first due to <a href="https://infosec.space/tags/Geoblocking" class="mention hashtag" rel="nofollow noopener" target="_blank">#Geoblocking</a> and the fact that <a href="https://infosec.space/tags/ASNs" class="mention hashtag" rel="nofollow noopener" target="_blank">#ASNs</a> get geolocated, not their <a href="https://infosec.space/tags/PoPs" class="mention hashtag" rel="nofollow noopener" target="_blank">#PoPs</a>... </li></ul>If I was <a href="https://social.bund.de/@BNetzA" class="u-url mention" rel="nofollow noopener" target="_blank">@BNetzA</a> I would've mandated <a href="https://infosec.space/tags/DualStack" class="mention hashtag" rel="nofollow noopener" target="_blank">#DualStack</a> and banned <a href="https://infosec.space/tags/CGNAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#CGNAT</a> (or at least the use of CGNAT in <a href="https://infosec.space/tags/RFC1918" class="mention hashtag" rel="nofollow noopener" target="_blank">#RFC1918</a> address spaces) as well as <a href="https://infosec.space/tags/DualStackLite" class="mention hashtag" rel="nofollow noopener" target="_blank">#DualStackLite</a>!

Kevin Karhan :verified:<a href="https://infosec.exchange/@bob_zim" class="u-url mention" rel="nofollow noopener" target="_blank">@bob_zim</a> yeah. Seen it. in the writeup by <a href="https://infosec.exchange/@micahflee" class="u-url mention" rel="nofollow noopener" target="_blank">@micahflee</a> ...I just hope to find any that ain't <a href="https://infosec.space/tags/NetLock" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetLock</a>'d / <a href="https://infosec.space/tags/SimLock" class="mention hashtag" rel="nofollow noopener" target="_blank">#SimLock</a>'d to <a href="https://infosec.space/tags/Verizon" class="mention hashtag" rel="nofollow noopener" target="_blank">#Verizon</a> and that these support more than <a href="https://infosec.space/tags/US" class="mention hashtag" rel="nofollow noopener" target="_blank">#US</a>-<a href="https://infosec.space/tags/LTE" class="mention hashtag" rel="nofollow noopener" target="_blank">#LTE</a> bands... <ul><li>Not shure if it needs a valid <a href="https://infosec.space/tags/SIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#SIM</a> or just an <a href="https://infosec.space/tags/ICCID" class="mention hashtag" rel="nofollow noopener" target="_blank">#ICCID</a> + <a href="https://infosec.space/tags/Ki" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ki</a> on a <a href="https://infosec.space/tags/SIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#SIM</a> to get going (cuz in <a href="https://infosec.space/tags/Germany" class="mention hashtag" rel="nofollow noopener" target="_blank">#Germany</a> it's hard [imported <a href="https://infosec.space/tags/SIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#SIM</a>] to illegal [domestic SIMs] to get an anonymous SIM since 07/2017.</li></ul>I just wish <a href="https://mastodon.social/@eff" class="u-url mention" rel="nofollow noopener" target="_blank">@eff</a> wouldn't expect everyone to use <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#centralized</a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#SingleVendor</a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#SingleProvider</a> services like <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@signalapp</a> in the age of <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#CloudAct</a>, cuz neither I nor anyone I'd trust would submit <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#PII</a> to them like a <a href="https://infosec.space/tags/PhoneNumer" class="mention hashtag" rel="nofollow noopener" target="_blank">#PhoneNumer</a> <a href="https://infosec.space/@kkarhan/114234551915193036" rel="nofollow noopener" target="_blank">as a matter of principle!</a>

Kevin Karhan :verified:<a href="https://possum.city/@tauon" class="u-url mention" rel="nofollow noopener" target="_blank">@tauon</a> 1) <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#CloudAct</a> is just <a href="https://infosec.space/tags/CyberFacism" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberFacism</a>, look it up! <a href="https://en.wikipedia.org/wiki/CLOUD_Act" rel="nofollow noopener" translate="no" target="_blank">https://en.wikipedia.org/wiki/CLOUD_Act</a><ul><li>And with <a href="https://infosec.space/tags/Trumpism" class="mention hashtag" rel="nofollow noopener" target="_blank">#Trumpism</a> ravaging the <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#USA</a> must be considered as <a href="https://infosec.space/tags/hostile" class="mention hashtag" rel="nofollow noopener" target="_blank">#hostile</a> as <a href="https://infosec.space/tags/Russia" class="mention hashtag" rel="nofollow noopener" target="_blank">#Russia</a> and the "P.R." <a href="https://infosec.space/tags/China" class="mention hashtag" rel="nofollow noopener" target="_blank">#China</a> by anyone who takes <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpSec</a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> & <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#ComSec</a> seriously!</li></ul>-2) <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@signalapp</a> 's <a href="https://infosec.space/tags/Server" class="mention hashtag" rel="nofollow noopener" target="_blank">#Server</a> code is proprietary and since it's centralized we can't trust that the code they release is what's running on their backend! <ul><li>Plus their <a href="https://infosec.space/tags/App" class="mention hashtag" rel="nofollow noopener" target="_blank">#App</a> doesn't allow <a href="https://infosec.space/tags/ReproducibleBuilds" class="mention hashtag" rel="nofollow noopener" target="_blank">#ReproducibleBuilds</a> (if Signal was <a href="https://infosec.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#FLOSS</a> it would be on <a href="https://floss.social/@fdroidorg" class="u-url mention" rel="nofollow noopener" target="_blank">@fdroidorg</a> / <a href="https://infosec.space/tags/Fdroid" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fdroid</a>) but alas it isn't!</li></ul>-3) <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#Signal</a> still demands <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#PhoneNumbers</a> which are <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#PII</a> either by association (<a href="https://infosec.space/tags/Number" class="mention hashtag" rel="nofollow noopener" target="_blank">#Number</a> => <a href="https://infosec.space/tags/ICCID" class="mention hashtag" rel="nofollow noopener" target="_blank">#ICCID</a> = <a href="https://infosec.space/tags/SIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#SIM</a> = <a href="https://infosec.space/tags/IMSI" class="mention hashtag" rel="nofollow noopener" target="_blank">#IMSI</a> => <a href="https://infosec.space/tags/IMEI" class="mention hashtag" rel="nofollow noopener" target="_blank">#IMEI</a> => Location Data <a href="https://infosec.space/@kkarhan/113467346741876822" rel="nofollow noopener" target="_blank">as I explained before</a><a href="https://infosec.space/@kkarhan/113878565911126519" rel="nofollow noopener" target="_blank">twice</a>) or mandatory <a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener" target="_blank">#KYC</a> / <a href="https://infosec.space/tags/ID" class="mention hashtag" rel="nofollow noopener" target="_blank">#ID</a> requirements (even on prepaid cards), which an increasing amount of juristictions do...<ul><li>They have no "<a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener" target="_blank">#LegitimateInterest</a>" demanding said <a href="https://infosec.space/tags/PersonallyIdentifyingInformation" class="mention hashtag" rel="nofollow noopener" target="_blank">#PersonallyIdentifyingInformation</a> to begin with! </li></ul>-But don't take my word for it. <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener" translate="no" target="_blank">https://www.youtube.com/watch?v=tJoO2uWrX1M</a><ul><li>Ask yourself if you'd trust someone <a href="https://www.youtube.com/watch?v=0DSGq9FQKU4" rel="nofollow noopener" target="_blank">peddlibg</a> <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#Shitcoin</a> <a href="https://infosec.space/tags/Scams" class="mention hashtag" rel="nofollow noopener" target="_blank">#Scams</a> like <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#MobileCoin</a> with your data!</li></ul>

Alexander JanßenQuestion to my fellow <a href="https://ruhr.social/tags/telecommunication" class="mention hashtag" rel="nofollow noopener" target="_blank">#telecommunication</a> nerds: Does anyone know who is maintaining the <a href="https://ruhr.social/tags/ICCID" class="mention hashtag" rel="nofollow noopener" target="_blank">#ICCID</a> prefix list nowadays? The <a href="https://ruhr.social/tags/ITU" class="mention hashtag" rel="nofollow noopener" target="_blank">#ITU</a>-T seems to have lost interest and the last document [1] I could find is from 2018 and misses some MNOs I'm looking for...1. <a href="https://www.itu.int/pub/T-SP-E.118-2018" rel="nofollow noopener" translate="no" target="_blank">https://www.itu.int/pub/T-SP-E.118-2018</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#iccid