Hacker News new | past | comments | ask | show | jobs | submit login

This is obviously not good, but is there evidence that they are broadly worse than the competition? I always thought telco internal networks were full of stuff like this (out of date and misconfigured crap everywhere, with heavy reliance on firewalls/vpns).



VPNs and firewalls can't help when the cellular basestation is the issue. How would you prevent a malicious LTE client fron running these exploits?

Telcom security is a mess, but the frontline gear is usually the saving grace of the network.


Is there really SSL communication between terminals and base station in the LTE protocol? This seems unlikely because it's below the IP layer. They could of course use openssl for the crypto primitives in implementing LTE but are there vulnerabilities in those primitives that would be fixed by updating openssl?

There could be TLS involved in higher level protocols like IMS though. Or not. Does anyone know if eg VoLTE relies on the network for security or does it run SIP over DTLS or something?




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: