From: Robert McMahon <rjmcmahon@rjmcmahon.com>
To: Tara Stella <tara@tara.sh>
Cc: "Network Neutrality is back! Let´s make the technical aspects
heard this time!" <nnagain@lists.bufferbloat.net>,
"David Bray, PhD" <david.a.bray@gmail.com>
Subject: Re: [NNagain] FCC - delete, delete, delete
Date: Fri, 14 Mar 2025 11:53:16 -0700 [thread overview]
Message-ID: <CAEBrVk6H61cnRSSdVvO=Fk=41USm93wNXE14ARXE7EPF-x2swA@mail.gmail.com> (raw)
In-Reply-To: <55d2836a4fe4c6cf9e2b4d953b62f6c62f0e73c3.camel@tara.sh>
> I'm not an expert, but I wonder if the complexity has increased the potential attacking surface.
I'm not an expert here either - but I do think complexity does
increase the attack service. Breaking up the control and data planes
seems like a good idea to me.
Also, devices like CPUs that run programmable logic are a target
because their logic flows can be hijacked. Hardware solutions for
simple functions like forwarding packets cannot be reprogrammed at the
data plane level, minimizing their attack service.
Moving the control plane(s) into a management domain where security
experts do their work everyday seems a must to me. Pushing this into
consumer premises and adding more and more seems like a disaster in
the making.
https://www.splunk.com/en_us/blog/learn/control-plane-vs-data-plane.html
Bob
On Fri, Mar 14, 2025 at 1:16 AM Tara Stella <tara@tara.sh> wrote:
>
> On Thu, 2025-03-13 at 22:24 -0400, David Bray, PhD via Nnagain wrote:
>
> Indeed. Yet here on ground SS7 remains vulnerable and exploitable too?
>
>
> I'm working for a big telco in Europe, and I'm just marginally involved in the telco network.
> AFAIK, in our infrastructure, SS7 is a niche in some very old equipment sitting somewhere.
> On fixed broadband, we migrated everything over IP, voice is SIP, including VAS services, that are somehow fading away as well (IMS still in place for voicemail).
> On 5G Standalone, everything is HTTP on the control plane and GTP encapsulation on the user plane.
>
> I'm not an expert, but I wonder if the complexity has increased the potential attacking surface.
> Cheers,
> Tara
>
next prev parent reply other threads:[~2025-03-14 18:53 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-12 17:39 Dave Taht
2025-03-13 0:00 ` Richard Roy
2025-03-13 16:33 ` Robert McMahon
2025-03-13 17:00 ` Frantisek Borsik
2025-03-13 18:36 ` Robert McMahon
2025-03-13 23:59 ` David Lang
2025-03-14 1:12 ` Robert McMahon
2025-03-14 1:38 ` David Bray, PhD
2025-03-14 2:17 ` Robert McMahon
2025-03-14 2:20 ` Robert McMahon
2025-03-14 2:24 ` David Bray, PhD
2025-03-14 8:16 ` Tara Stella
2025-03-14 18:53 ` Robert McMahon [this message]
2025-03-14 19:05 ` Richard Roy
2025-03-14 21:09 ` David Lang
2025-03-14 21:20 ` Dick Roy
2025-03-14 21:48 ` David Lang
2025-03-15 18:16 ` Robert McMahon
2025-03-15 18:49 ` Daniel Ezell
2025-03-16 17:50 ` Robert McMahon
2025-03-15 18:50 ` Robert McMahon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/nnagain.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAEBrVk6H61cnRSSdVvO=Fk=41USm93wNXE14ARXE7EPF-x2swA@mail.gmail.com' \
--to=rjmcmahon@rjmcmahon.com \
--cc=david.a.bray@gmail.com \
--cc=nnagain@lists.bufferbloat.net \
--cc=tara@tara.sh \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox