Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rslade
Influencer II
‎12-08-2018 02:55 PM
‎12-08-2018 02:55 PM

Phones and cell towers are part of the infrastructure ...

With the furor over Huawei, and other related issues, there's a reminder that we are using cell/mobile smartphones more and more as a vital part of our computer, communications, and information technology, of all types.

 

And that we don't understand phones.

 

I worked in a government office that primarily dealt with phone service at one point.  The Internet was only just becoming available (I was the only one in the office who had an account), and the consultants were all old radio and phone guys.  Whenever someone said "data" it was "just a minute--Rob!"

 

They didn't understand data and networking.  At the same time, the computer people I was dealing with didn't understand phones.  (Heck, at that point, they didn't understand networks, either.)  But, even as we got to know (a lot) more about networking, most techies still don't understand phones, and particularly cell phones.

 

We probably need to.


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Reply
0 Kudos
3 Replies
Flyslinger2
Community Champion
‎12-10-2018 09:10 AM
‎12-10-2018 09:10 AM

"An initial root cause analysis indicates that the main issue was an expired certificate in the software versions installed with these customers." 

I supported a large U.S. Federal agency that had a similar occurrence.  These are easily remedied situations with enterprise Certificate Management Systems.  The agency refused to purchase the tool to keep them safe based on my recommendation.  Want to guess what happened to them again? LOL

 

I just started working a new project and they have the same issue in their network-expired certificates and they had no monitoring in place to be pro-active. Several servers are failing because of the now expired certificates.

Reply
0 Kudos
mgorman
Contributor II
‎01-03-2019 04:23 PM
‎01-03-2019 04:23 PM

Well, for US based companies or organizations, there are a lot of wireless people on the street right now, due to the separations at VzW.  I was part of that world a long time, and can tell you that there are lots of interesting things in and around cellular networking.  If you have an organizational interest, now might be the time to pick up some experienced engineers.

 

For those that watch shows like NCIS, I can tell you that law enforcement agencies can't hack in any time they like and watch you in real time move around the network.  They can, however, get a court order and have that information delivered to them in near real time The infrastructure does have a very good idea of where you are as a fundamental part of its functioning.  If you don't want to be tracked, at all, by your phone, turn it off, pull the battery.

Reply
0 Kudos
dreastans
Newcomer III
‎01-04-2019 11:06 AM
‎01-04-2019 11:06 AM

I'm one of those that took advantage of their buyout this year.  And you're exactly right.  Most people who want privacy or to not be tracked are already too late to the game.  Going into the future, turn off your phone and pull the battery and go back to landline or nothing.  But it's important to note that nobody can track you willy-nilly for fun and profit without the appropriate authorization.


---
Andrea Stansbury- CISSP
Reply
0 Kudos