The Citizen Lab Bad Connection: Uncovering Global Telecom Exploitation by Covert Surveillance Actors
citizenlab.ca
Our investigation uncovers two sophisticated telecom surveillance campaigns and, for the first time, links real-world attack traffic to mobile operator signalling infrastructure. The findings expose how suspected commercial surveillance vendors (CSVs) exploit the global telecom interconnect ecosystem, leverage private operator networks, and conduct covert location tracking operations that can persist undetected for years.

This read is interesting and makes me wonder how can we fight back. I don’t undrstand much of this but what i have figured out is that its based on tracking phone IMEI. Presumably OSs like GrapheneOS cannot spoof the IMEI because its used to route traffic to your phone isn’t it? I know it can use a different MAC for different eifi connections, trace reducing the footprints you leave behind but i guess it can’t do this for IMEI?

  • bitfucker@programming.dev
    1·
    5 days ago

    IMEI and GSM in general is one of those “industry standard” that are so heavily paywalled that the effort to reverse engineer it is pretty hard. You can look at osmocomm, the umbrella open source project that tries to make mobile communication more accessible and open