At home we use a phrase from an interview with a EU politician that was done BEFORE the ukraine war and asked about the US/CIA warnings of an upcomming war and he said "Always remember, the CIA was the agency that told US presidents for years the vietnam war would be over next week" ...
Well, you're invited to join research on network ... because it's impossible to hide your ID from your access network. Tor and similar can hide your ID in transport, but that's no option in RAN.
Serious answer: I have seen operators taking this serious. It's also a european trend not to blindly accept law enforcement requests to open data anymore.
For US companies: read something on the recent twitter example.
i'd recommend to watch the presentation https://media.ccc.de/v/mch2022-273-openran-5g-hacking-just-g... in which it's made clearer, that the telco part wasn't the issue. 5G systems can be operated rather secure, but operators or subcontractors that build these cloud installation have strange ideas about trust and config.
"The public-private surveillance partnership is very old, and it's key to monopolists' strategy. It took 69 years to break up AT&T, because every time trustbusters came close, America's cops and spies and military would spring into action, insisting that the Bell System was America's "national champion," needed to defend it from foreign enemies. The Pentagon rescued Ma Bell from breakup in the 50s by claiming that the Korean War couldn't be won without AT&T's help"
I know some people in designing 5G, that were rather frustrated by outside influence on "can we have another unsafe option also, just in case we need it?"
Both informations are abstract identifiers and are decoded in a database to 'real' values only, PHY doesn't care about your decrypted ID. If the operator keeps that database closed, a reasonable privacy of who and where can be done.
Actually in 5G network there is almost nothing that isn't encrypted. What Karsten decribes is that cloud installations very often trust the infrastructure, but that's no special 5G problem.
"weather models" "better" - how do you actually rate weather models? Exact prediction or prediction of outliers like catastrophic events? Is there more value in knowing tomorrow's temperature to be 24C or a thunderstorm happening at 15:00 ?
Tracking down 'strange' configuration will work in 5G the same way. It still could be, and the pdf covers this, 'strange' configurations can happen in early deployments in 5G also. It will be a false positive for checks like this.
as explained in the pdf: There is a part of the connection setup, that will happen before any mutual authentification: The telephone offers the IMEI/IMSI to get an initial connection. The network learns this number and it's the counterpart of a MAC address in Wifi networks.
"You can't see all of the issues and all of the problems and how your design really doesn't work until you actually try to build it." - assuming you build something, nobody has tried to build before.
In the 95% of other cases, use a library solutions, read about solutions that exist, try to learn from similar solutions. Don't reinvent the wheel.
It's not wrong to do experiments, learn from that and apply the know-how to production code.