This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/baseband-devel@lists.osmocom.org/.
Harald Welte laforge at gnumonks.orgHi Ty, On Tue, Feb 07, 2012 at 03:18:46PM +0300, ty wrote: > I work for one of the leading mcommerce providers in the country as a > security analyst and from the architectures, yes all the transactions take > place via secure channels. However, my concern has always been after the > transaction leaves the application and is handed over to the USSD gateway > for the MNO, is it possible at an SS7 layer to intercept the said traffic? There is nothing specific to USSD here. It's a MAP transaction, encapsulated in TCAP+SCCP+MTP3 or any of the SIGTRAN variants. So the question is basically a general question on SS7/SCCP security, and thus off-topic on this list, which is about OsmocomBB baseband development and not core network technology. > I haven't seen any research into how USSD can be intercepted OTA just like > GSM voice calls have been intercepted. USSD is transported on a signallign channel like SMS or call control. Thre is no difference in terms of intercepting or MITM from voice/SMS. Regards, Harald -- - Harald Welte <laforge at gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)