Dendrobatus Azureus
@Dendrobatus_Azureus@mastodon.bsd.cafe  ·  activity timestamp 4 months ago

This is something you need to read in order to believe

subject: VoLTE
provider O2 UK
nightmare: infosec

Enormous. Outragerous are some of the words I would use. Take you time to read and learn because they are not the only culprits on the planet with such bad data protection practices

Excerpt

>>

Quite quickly I realised something was wrong. The responses I got from the network were extremely detailed and long, and were unlike anything I had seen before on other networks. The messages contained information such as the IMS/SIP server used by O2 (Mavenir UAG) along with version numbers, occasional error messages raised by the C++ services processing the call information when something went wrong, and other debugging information. However, most notable were a set of five headers near the bottom of the message:

SIP Msg
...
P-Mav-Extension-IMSI: 23410123456789
P-Mav-Extension-IMSI: 23410987654321
P-Mav-Extension-IMEI: 350266809828927
P-Mav-Extension-IMEI: 350266806365261
...
Cellular-Network-Info: 3GPP-E-UTRAN-FDD;utran-cell-id-3gpp=2341010037A60773;cell-info-age=26371

Synthesised excerpt of IMS signalling message for demonstration; not a genuine IMEI/IMSI/cell ID.

Two sets of IMSIs, two sets of IMEIs, and a Cell ID header. How curious…

Sure enough, when comparing both the IMSIs and IMEIs in the message to those of my own devices, I had been given both the IMSI and IMEI of my phone which initiated the call, but also the call recipient's.

<<
^Z

#O2#UK#TeleCom#InfoSec#DataLeak#WTF

https://mastdatabase.co.uk/blog/2025/05/o2-expose-customer-location-call-4g/

The image shows a webpage with a dark background and white text. The top of the page displays a browser window with the URL "mastodatabase.co.uk/2022/05/02/expose-customer-location-call-routing" visible in the address bar. The webpage is titled "Voice over LTE (VoLTE): Expose Customer Location Call Routing" and includes a table of contents with sections such as "Introduction," "O2 UK," "Signalling messages," "What I'd like to see change," "Conclusion," and "Notes." The "Introduction" section is expanded, providing a detailed explanation of VoLTE, its benefits, and the challenges it presents, particularly in terms of security and IMS implementations. The text discusses the increased complexity and device interoperability issues that have historically caused trouble with IMS implementations. The page also mentions the responsibility of mobile networks to ensure that their servers are up to date and secure, and that their configurations do not lead to unnecessary data leakage. The webpage is part of a blog, as indicated by the "MX Blog" and "MX Forum" links in the browser's address bar. Ovis2-8B 🌱 Energy used: 0.228 Wh
The image shows a webpage with a dark background and white text. The top of the page displays a browser window with the URL "mastodatabase.co.uk/2022/05/02/expose-customer-location-call-routing" visible in the address bar. The webpage is titled "Voice over LTE (VoLTE): Expose Customer Location Call Routing" and includes a table of contents with sections such as "Introduction," "O2 UK," "Signalling messages," "What I'd like to see change," "Conclusion," and "Notes." The "Introduction" section is expanded, providing a detailed explanation of VoLTE, its benefits, and the challenges it presents, particularly in terms of security and IMS implementations. The text discusses the increased complexity and device interoperability issues that have historically caused trouble with IMS implementations. The page also mentions the responsibility of mobile networks to ensure that their servers are up to date and secure, and that their configurations do not lead to unnecessary data leakage. The webpage is part of a blog, as indicated by the "MX Blog" and "MX Forum" links in the browser's address bar. Ovis2-8B 🌱 Energy used: 0.228 Wh
The image shows a webpage with a dark background and white text. The top of the page displays a browser window with the URL "mastodatabase.co.uk/2022/05/02/expose-customer-location-call-routing" visible in the address bar. The webpage is titled "Voice over LTE (VoLTE): Expose Customer Location Call Routing" and includes a table of contents with sections such as "Introduction," "O2 UK," "Signalling messages," "What I'd like to see change," "Conclusion," and "Notes." The "Introduction" section is expanded, providing a detailed explanation of VoLTE, its benefits, and the challenges it presents, particularly in terms of security and IMS implementations. The text discusses the increased complexity and device interoperability issues that have historically caused trouble with IMS implementations. The page also mentions the responsibility of mobile networks to ensure that their servers are up to date and secure, and that their configurations do not lead to unnecessary data leakage. The webpage is part of a blog, as indicated by the "MX Blog" and "MX Forum" links in the browser's address bar. Ovis2-8B 🌱 Energy used: 0.228 Wh