±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 2 Overall: 35886
New Yesterday: 2 Visitors: 182

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Huawei Spying

Discussion of forensic issues related to all types of mobile phones and underlying technologies (GSM, GPRS, UMTS/3G, HSDPA, LTE, Bluetooth etc.)
Subforums: Mobile Telephone Case Law
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page 1, 2, 3, 4, 5  Next 
  

TinyBrain
Senior Member
 

Huawei Spying

Post Posted: Feb 03, 19 04:58

If a 'german' subscriber of Telekom is in roaming state in China what is the highest possible international IR.21-based bandwith?  
 
  

xandstorm
Member
 

Re: Huawei Spying

Post Posted: Feb 04, 19 00:46

- TinyBrain
If a 'german' subscriber of Telekom is in roaming state in China what is the highest possible international IR.21-based bandwith?


That could depend on several technical or administrative factors but usually there is no difference between roaming customers and "native" network customers.

If there is a differece you could possibly find that information in the QOS agreement between Deutsche Telekom and the respective Chinese provider.

Maybe you can ask that question to DT yourself or ask a DT customer to ask it on your behalf.
You might be surprised what information you get when you "just ask".

Saludos,
Lex


Rg,
Lex  
 
  

TinyBrain
Senior Member
 

Re: Huawei Spying

Post Posted: Feb 04, 19 10:20

Lex, Gracias

Nation-state initiated industrial espionage is based on best hiding and deception principles. If you are not in this business you still can ask yourself 'how can they spy without being revealed'? As in the past chip-based backdoors were on vogue but no more. The new kid in town's name is Software-Definded Networking e.g. SD-WAN and NFV.

Therefore the manufacturer who MAINTAINS by SLAs the Core Network has all options. Usually the manufacturer is in the best position, but spying hiding principles can cheat the Core Network to believe e.g. a mobile subscriber is in on local-breakout and non-roaming to safe cost (SIM-Fraud, SIM-boxes).

Boring stuff you might think, right. But cryptographic challenges inside this domain e.g. zero-knowledge proof is quite funny at least for me Smile  
 
  

xandstorm
Member
 

Re: Huawei Spying

Post Posted: Feb 04, 19 13:55

Hello TinyBrain,

Thank you for your feedback

I was in "this business" (COMINT, TSCM and counterintelligence) for 20 years.
May I suggest we continue this conversation through other means?
I think this discussion will go off topic for this forum.

Please send me PM with your contact details.
You can also find mine with a little googling. Cool

Saludos,
Lex  
 
  

jaclaz
Senior Member
 

Re: Huawei Spying

Post Posted: Feb 04, 19 14:56

- xandstorm

You can also find mine with a little googling. Cool

Or maybe more simply just looking at your profile on the board? Rolling Eyes
www.forensicfocus.com/...xandstorm/

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 
  

xandstorm
Member
 

Re: Huawei Spying

Post Posted: Feb 04, 19 15:00

- jaclaz

Or maybe more simply just looking at your profile on the board? Rolling Eyes
www.forensicfocus.com/...xandstorm/
jaclaz


Yes, for example. Multiple options here as you see Wink

Saludos,
Lex  
 
  

TinyBrain
Senior Member
 

Re: Huawei Spying

Post Posted: Feb 04, 19 22:02

Only the cryptographic part of these forensic issues is my profession and the reason I posted to learn from experts here. Please dont see this against you that we got order from my boss to our team to be open but also little cautious about social engineering. Up from this year our team has to advice any collaboration first internally and get approval from above if its outside my main profession. If we meet e.g. at Eurocrypt this is different. Post-quantum crypto we are not allowed over digital in general.

What possibilities has any Mobile Broadband manufacturer like Nokia (Siemens Networks), Ericsson, ZTE and others to misuse their release update process to bring data out without detection. If e.g. an initial authentication handshke process fails the seemingly trusted partner is in real MITM-redirected.

The actually ongoing passive DNS-hijacking is an excellent example in this class of problems.

The forensic question remains. How can this being detected?  
 

Page 1 of 5
Page 1, 2, 3, 4, 5  Next