In this video, SRLabs founder Karsten Nohl explains how SS7 exposes your private data. Check it out if you liked his recent @veritasium appearance on the topic!.

Vote for our Phink proposal, a state of the art coverage guided fuzzer for ink! smart contracts. .#ink_in_action.

We have 6 solves so far on our SRLabs hacking challenges!🔓.As expected, the #telco challenge is the hardest to crack. Do you want to hack a telco network or try the crypto and pwn categories? . Running until 21.09.Discord: #ctf

Hop on the Discord for questions, finding a team and maybe even some Memes!.

Our SRLabs CTF is now live! Clean your displays, stretch your fingers and get ready to hack 👾. 🚀 Crypto, Pwn, and Telco challenges.💻 CTF runs: 21.08.2023 - 21.09.2023.👤 Solo or team play. Earn Hall of Fame, goodies and get to know our team 🏆

Many of us enjoy CTF’s and now we are finally hosting SRLabs-original hacking challenges. Put in a lot of effort – one of the challenged simulates a telco network. See if it was worth it on Aug 21 when we go live 👾 🚩.#ctf

Come meet Yvette (@iyskierka) and Rachna at @42_berlin tomorrow at 6pm to learn about their journey in security consulting and hardware hacking.

11/11 Credits: .Kudos to our Infrared Team: Nicholas Farnham, @kantorkel, @Linuzifer, @dmnk_bln, Laura Pros Segura, Jannes Quer, and Folkert Saathoff.

10/11 Key takeaway: .Users interested in using mobile networks anonymously must change each identifying element associable with 4G LTE routers and linked devices, namely IMSI/IMEI numbers, router BSSIDs, and device MAC addresses.

9/11 More on blue merle: .Threat assessment white paper: .Blog post: .Article in Unredacted magazine:

8/11 How to get blue merle: .The OpenWrt software package is hosted on our GitHub: Installation is easy, just follow the steps below. We also look forward to pull requests.

7/11 Log wiper: .By wiping the Mudi router’s cache of stored MAC addresses at each boot, third parties with remote or physical access can no longer enumerate the devices that have connected to the Mudi router.

6/11 MAC and BSSID randomizer: .The blue merle package regularly randomizes the Mudi router’s BSSID and removes links to past activities, whereabouts, and Wi-Fi connections by using a different MAC address on each boot.

5/11 IMEI randomizer: .Blue merle enforces an IMEI randomization upon every SIM card change to break the linkage between the subscriber and device identities. The Mudi router’s baseband unit is a Quectel EP06-E/A Series LTE Cat 6 Mini PCIe module.

4/11 Our software package blue merle mitigates these tracking risks through: .- an IMEI, MAC and BSSID randomizer .- a log wiper to reduce forensic attack surface.

3/11 Additionally, the storage of Basic Service Set Identifier (BSSID) and Media Access Control (MAC) addresses of connected devices allow for activity and Wi-Fi-based location tracking.

2/11 Tracking of the Mudi’s activity, location, and, in some cases, the identification of the purchaser is possible through the International Mobile Equipment Identity (IMEI) number, even if an anonymous SIM card is used.

1/11 Mobile network operator tracking methods present privacy risks for users of 4G LTE routers, even those designed for user anonymization. Our open-source software project blue merle mitigates those affecting the GL.iNet Mudi GL-E750 router. Here are our key findings 🧵.

@kantorkel is taking the stage right now to explain his approach and findings:

US Military devices bought on eBay contained biometric data of thousands of people as our colleague @kantorkel and some of his friends of CCC found out