tag:blogger.com,1999:blog-1834236085756782640.post8345289130516014432..comments2024-03-21T14:19:53.378+00:00Comments on The 3G4G Blog: Diameter Security is worse than SS7 Security?Zahid Ghadialyhttp://www.blogger.com/profile/11618208626682295272noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-1834236085756782640.post-71413856496851061372015-08-28T08:38:16.574+01:002015-08-28T08:38:16.574+01:00Interesting read: SS7 is not a security issueInteresting read: <a href="https://www.linkedin.com/pulse/ss7-security-issue-travis-russell?trk=hp-feed-article-title-ppl-follow" rel="nofollow">SS7 is not a security issue</a>Zahid Ghadialyhttps://www.blogger.com/profile/11618208626682295272noreply@blogger.comtag:blogger.com,1999:blog-1834236085756782640.post-22241569147701237932015-08-17T11:57:16.094+01:002015-08-17T11:57:16.094+01:00Hi. This is an interesting critique of SS7 Vs Diam...Hi. This is an interesting critique of SS7 Vs Diameter. <br />However just considering SS7 on its own.<br />SS7 is considered like a VPN that is link to link and closed. How does once attack a SS7 link to intercept and manipulate and inject messages? This could only be done by the carriers themselves. Most unlikely and I have never seen it. ie, how is an attacker gaining access to an STP when the switch needs to be identified and allowed in the STP agreement?<br /><br />Diameter whilst more IP than SS7 unless using a sigtran or similar, is again a Telco to Telco connection to carriers. Similar standards exist.<br /><br />The PPT reds more scare campaign and the issues identified stated as fact when its a hypothesis and less likely in reality.<br /><br />I am not as convinced as you write based on my many years working on IR and SS7 and signaling to date.Anonymoushttps://www.blogger.com/profile/11617601731625161309noreply@blogger.com