Old Fucking Punk @lwriemen@librem.one

The History of Cellular Network Security Doesn’t Bode Well for 5G

There’s been quite a bit of media hype about the improvements 5G is set to supposedly bring to users, many of which are no more than telecom talking points. One aspect of the conversation that’s especially important to get right is whether or not 5G will bring much-needed security fixes to cell networks. Unfortunately, we will still need to be concerned about these issues—and more—in 5G.

Past security flaws in the design of cell network infrastructure are being used for everything from large scale SMS spamming to enabling dragnet surveillance by law enforcement and spying in DC via cell site simulators (a.k.a. Stingrays, IMSI-catchers). Longtime cell network security researcher Roger Piqueras Jover has recently published a short but comprehensive reflection on the history of the cell security research that uncovered much of those flaws, and with it, his view of the security outlook for 5G.

Jover draws attention to how rapidly the field of cell network security research has been accelerating. It took researchers over 10 years after GSM was first standardized and deployed to find the first security flaws in the GSM (2G) protocol. For LTE (4G), it took approximately 7 years. Fast forward to the 5G standard, which was finalized  in March 2018. While there are currently no commercial implementations of 5G widely in use yet, researchers have already discovered over 6 critical security flaws in this new protocol.

Standardization efforts simply aren’t keeping up with the rapid rise of critical security flaws. The group responsible for maintaining the standards and incorporating security fixes (the 3GPP) primarily consists of big players in the telco industry, who don’t have much incentive to come up with and incorporate the critical user privacy fixes that are needed.

On the positive side, Jover points out that there are increasing efforts from researchers to explore potential fixes for many of the security problems in cell networks. In the recent past Ericsson has stepped up their efforts to fix some of the vulnerabilities in 5G’s identification and authentication procedures (i.e. the process that takes place between a mobile phone and a cell tower when each is verifying the other is who they claim to be). Similarly, researchers recently published a proof-of-concept paper proposing a PKI (public key infrastructure) & digital certificate system for the connection between mobile phones and cell towers (similar to SSL certificates and HTTPS).

Despite these efforts, for real change to take place, it must come from within: the 3GPP’s biggest players need to embrace the work required to fix the fundamental flaws that have plagued cell networks for years. Until then, our mobile devices are still vulnerable to being caught up in dragnet and targeted surveillance attacks. As it stands, 5G won’t be any sort of panacea—for increasing security, for improving wireless accessibility, or for solving the issues of broadband monopolies that contribute to each of these.

@switchingsocial
Here is another great note taking app: @joplinapp
There are clients for all platforms. Syncing could be done via @nextcloud or other syncing platforms.

Investors in Companies Profiting Off Student Loans Are Worried About Democrats’ Proposals to Cancel Debt

With ambitious proposals from Elizabeth Warren and Bernie Sanders, momentum for canceling student debt is growing.

The post Investors in Companies Profiting Off Student Loans Are Worried About Democrats’ Proposals to Cancel Debt appeared first on The Intercept.

https://blog.mozilla.org/firefox/hey-advertisers-track-this/

In the same spirit as Ad Nauseam. I like the intent, although it's questionable if it does much for me since I use Firefox through Tor and uBlock and uMatrix and cookies are on a whitelist-only... Nice to see Mozilla extend the middle finger to the surveillance capitalism forces though 🤷

Want to find your way from A to B?

You should try:
https://maps.openrouteservice.org

I've used it a couple of times today, and it was great.

* Uses OpenStreetMap data
* Service provided by HeiGIT
* Doesn't spy on you
* Maps look great
* Effective routes
* Share with friends
* Add your own tracks
* Export to GPX plus others
* Elevation profile

You can also go to C, D, E and many more. 😉

#OSM #maps #routes #routing #FOSS #FLOSS #CrowdSourced

...And 18 Point Back

Trump says E. Jean Carroll “isn’t his type.”

Rules For Thee, But Not For Me

Now for this episode of “It’s Okay if You’re a Republican!”

Amazon Troopers: Special Delivery

Service guarantees free shipping on items over $20!

History is Repeating Itself

Four European cartoonists on the rise of the far-right in their neck of the woods

Milk: Best drink to reduce burn from chili peppers

People who order their Buffalo wings especially spicy and sometimes find them to be too 'hot,' should choose milk to reduce the burn, according to researchers, who also suggest it does not matter if it is whole or skim.

Additions, deletions, and changes to the official list of North American birds

The latest supplement to the American Ornithological Society's checklist of North and Middle American birds includes several major updates to the organization of the continent's bird species. The official authority on the names and classification of the region's birds, the checklist is consulted by birdwatchers and professional scientists alike and has been published since 1886.

Roads and deforestation explode in the Congo basin

Logging roads are expanding dramatically in the Congo Basin, leading to catastrophic collapses in animal populations living in the world's second-largest rainforest, according to new research.

Tiffany Cabán Stuns Queens Machine, Holds Solid Lead in Race for Queens District Attorney

Cabán ran on ending cash bail, decriminalizing poverty and sex work, and faced the full weight of the machine.

The post Tiffany Cabán Stuns Queens Machine, Holds Solid Lead in Race for Queens District Attorney appeared first on The Intercept.

National trash: Reducing waste produced in US national parks

When you think of national parks, you might picture the vast plateaus of the Grand Canyon, the intricate wetlands of the Everglades, or the inspiring viewscapes of the Grand Tetons. You probably don't envision 100 million pounds of mashed water bottles, barbecue-smudged paper plates, and crumpled coffee cups -- but that is the staggering quantity of garbage that is generated in our National Parks each year. And handling that amount of waste is becoming a huge problem.

A Third of Republicans Think It’s OK to Refuse Service to Muslims

I’m never quite sure how seriously to take survey results, and today Paul Waldman points to a new PRRI survey that I really, really don’t want to take seriously. Here it is: Thanks to a baker in Colorado, we’re all accustomed to the idea that conservatives think business owners should be free to refuse service […]

Tails announced an emergency release this week, 3.14.2, to address a critical security vulnerability in the Tor browser. Be sure to update the Tor Browser to version 8.5.3 to fix the sandbox escape vulnerability.
https://tails.boum.org/news/version_3.14.2/index.en.html

Pine woodland restoration creates haven for birds in Midwest

Researchers have shown in a new study that restoration of pine woodlands, through the combined use of intentional, managed fires and strategic thinning of tree density, has a strikingly beneficial effect on a diverse array of birds, some of which are facing sharp declines from human-driven impacts like climate change and habitat loss.

CryptPad v2.24.0 introduces the ability to share encrypted docs directly with friends from within the share menu. You can also add colors to folders in your CryptDrive. Try it now on https:/cryptpad.fr and see the release notes for full details: https://github.com/xwiki-labs/cryptpad/releases/tag/2.24.0

#privacy

Review by our friends at the Denver Post:
Google Chrome has become surveillance software. It’s time to switch. https://t.co/1vEfs1s01j
#privacymatters

Illinois Just Legalized Recreational Marijuana

On Tuesday, Illinois Governor J. B. Pritzker signed a bill to legalize the sale of recreational marijuana statewide, officially making the Prairie State the 11th in the union to do so—and the first to legalize the sale of recreational marijuana by way of the state legislature, which passed the bill on May 31. (In 2018, […]