Interesting, thanks for the report. .hc
Matej Kovacic via guardian-dev: > Hi, > > maybe this story (which is still ongoing) will be of interest of some > people around here. > > I a blogging (in Slovenian language, but you can use google Translate) > about the second largest mobile operator in Slovenia. In short, I have > noticed they are doing MITM on HTTPS connections and it turned out that > they are using Secucloud DNS filtering with quite stupid implementation > - they were sending requests to blacklisted domains through proxy, which > did MITM with self signed certificate. > > And few days after that I found out that their mobile network has been > inserting additional HTTP headers: X-MCCMNC with the value “29340” > (mobile country code and network code) and - oh yes, baby - > X-Asmp-User-Msisdn, which in fact contained the phone number of the > subscriber. > > There is much more of course. I would say it is quite fun reading, > however it is really a bad practice and - my personal opinion - terrible > incompetence of maintaining their own network. > > Here are the links: > > # https://telefoncek.si/2020/05/12/prestrezanje-v-omrezju-a1/ > # https://telefoncek.si/2020/05/18/nenavadno-dogajanje-v-omrezju-a1/ > # > https://telefoncek.si/2020/05/24/poseganje-v-promet-uporabnikov-operaterja-bob/ > > > If there is an interest, I can try to compile an English version. > > Regards, > Matej > > > _______________________________________________ > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > To unsubscribe, email: [email protected] > -- PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA 5556 https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556 _______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
