HackerTrans
TopNewTrendsCommentsPastAskShowJobs

ng55QPSK

no profile record

comments

ng55QPSK
·2 lata temu·discuss
which means: you tell the compiler
ng55QPSK
·3 lata temu·discuss
i can understand everything, but why is Apple as global company fixes jobs like this to a single site?
ng55QPSK
·3 lata temu·discuss
Is the same infrastructure available in Windows and MacOS?
ng55QPSK
·4 lata temu·discuss
Do we know, where it is submitted?
ng55QPSK
·4 lata temu·discuss
At home we use a phrase from an interview with a EU politician that was done BEFORE the ukraine war and asked about the US/CIA warnings of an upcomming war and he said "Always remember, the CIA was the agency that told US presidents for years the vietnam war would be over next week" ...
ng55QPSK
·4 lata temu·discuss
i still don't understand. Should i put a bet (like €50), i can find an operator that closes such databases, or that you find an operator that doesn't?

I'm part of the mobile communication industry (while being in research) and part of my job is interacting with operators.
ng55QPSK
·4 lata temu·discuss
It shocked some managers in telco, something we consider a good thing ...
ng55QPSK
·4 lata temu·discuss
Well, you're invited to join research on network ... because it's impossible to hide your ID from your access network. Tor and similar can hide your ID in transport, but that's no option in RAN.
ng55QPSK
·4 lata temu·discuss
So you have ID41323 and ID53242 over night (or at daytime) in the same location, how do you map this back to names?

It's not impossible, but you need data that exists (like house-to-name mapping) from databases outside of the reach of the operators.

And the location information in the network is only as precise as needed. Most of the time this is a cell area, so 100s of m2.
ng55QPSK
·4 lata temu·discuss
You just explained the TMSI - something that was used since GSM networks in the early 90s
ng55QPSK
·4 lata temu·discuss
Serious answer: I have seen operators taking this serious. It's also a european trend not to blindly accept law enforcement requests to open data anymore.

For US companies: read something on the recent twitter example.
ng55QPSK
·4 lata temu·discuss
i'd recommend to watch the presentation https://media.ccc.de/v/mch2022-273-openran-5g-hacking-just-g... in which it's made clearer, that the telco part wasn't the issue. 5G systems can be operated rather secure, but operators or subcontractors that build these cloud installation have strange ideas about trust and config.

On the topic of 'telcos don't take security seriously', CoryD recently wrote some wise words in https://pluralistic.net/2022/08/12/regulatory-uncapture/#con...

"The public-private surveillance partnership is very old, and it's key to monopolists' strategy. It took 69 years to break up AT&T, because every time trustbusters came close, America's cops and spies and military would spring into action, insisting that the Bell System was America's "national champion," needed to defend it from foreign enemies. The Pentagon rescued Ma Bell from breakup in the 50s by claiming that the Korean War couldn't be won without AT&T's help"

I know some people in designing 5G, that were rather frustrated by outside influence on "can we have another unsafe option also, just in case we need it?"
ng55QPSK
·4 lata temu·discuss
Both informations are abstract identifiers and are decoded in a database to 'real' values only, PHY doesn't care about your decrypted ID. If the operator keeps that database closed, a reasonable privacy of who and where can be done.
ng55QPSK
·4 lata temu·discuss
Actually in 5G network there is almost nothing that isn't encrypted. What Karsten decribes is that cloud installations very often trust the infrastructure, but that's no special 5G problem.
ng55QPSK
·4 lata temu·discuss
"weather models" "better" - how do you actually rate weather models? Exact prediction or prediction of outliers like catastrophic events? Is there more value in knowing tomorrow's temperature to be 24C or a thunderstorm happening at 15:00 ?
ng55QPSK
·4 lata temu·discuss
Just wrong. The more correct input you have and the more correct your model of the real world is, the more accurate your predictions are.

We already see helpless activities to be better with AI (and a lot of computing) then classical optimisation theory (think solving PDEs) and failing.

Just more computing power will not help (except people whose business model relies on selling you computing power)
ng55QPSK
·4 lata temu·discuss
The point here is: if the owner of the IMSI catcher has some preknowledge about the target phone.

There is no way to avoid this.
ng55QPSK
·4 lata temu·discuss
Tracking down 'strange' configuration will work in 5G the same way. It still could be, and the pdf covers this, 'strange' configurations can happen in early deployments in 5G also. It will be a false positive for checks like this.
ng55QPSK
·4 lata temu·discuss
as explained in the pdf: There is a part of the connection setup, that will happen before any mutual authentification: The telephone offers the IMEI/IMSI to get an initial connection. The network learns this number and it's the counterpart of a MAC address in Wifi networks.
ng55QPSK
·4 lata temu·discuss
"You can't see all of the issues and all of the problems and how your design really doesn't work until you actually try to build it." - assuming you build something, nobody has tried to build before.

In the 95% of other cases, use a library solutions, read about solutions that exist, try to learn from similar solutions. Don't reinvent the wheel.

It's not wrong to do experiments, learn from that and apply the know-how to production code.