Hello All
I wanted to ask your about something regarding user privacy leakage in the
broadcast channels. As i have been sniffing and testing myself and i found
that on the paging requests type 1 IMSI along with TMSI is sent.
I have came to understand that first sending two identifications is the
norm, but what i dont understand the high rate of sending IMSI as mobile
identification, and as per specification its noted that either TMSI OR IMSI
are sent, so does that by any mean could be a configuration issues from
the MSC/VLR side that should be changed, is this the norm? if its the norm,
then why using TMSI.
From your experience what are the countermeasures you
think that should be
taken from the operator side to protect against such
information leaks, or
there is nothing that an operator can do much for this ?What could be the
different cases where the IMSI could be sent ?
Thanks