[VOIPSEC] Indentity Management and VoIP and More
Black Ratchet
blackratchet at blackratchet.org
Tue Apr 25 06:26:05 CDT 2006
On Mon, 24 Apr 2006 6:01pm, bob wrote:
> How many hackers have A-links to STPs or F-links to SSPs?
> I'm tempted to say zero, although I may be off by a handful.
>
> The difference in exposure alone makes SS7 substantially more secure.
Actually, I think you're comparing apples and oranges. While the SS7
/network/ may be 'more secure', SS7 itself and it's various
implementations may be substantially LESS secure then IP. There is
something to be said about having legions of script kiddies banging
against a product or protocol, any flaws will certainly come up
quickly.
The OpenSS7 project, (I think it was them, at least) has found all kinds
of flakyness with the SS7 protocol and the various commercial stacks out
there. It's crazy.
~BR
More information about the Voipsec
mailing list