XPost: alt.privacy, alt.privacy.anon-server
From: Ancient-of-Days@Heaven.Net
Nomen Nescio asked
>> I'm searching for where that (public?) database query lies...
>
> Why? It's of no use to you.
> Those databases are for operational use by phone companies.
Many sites nowadays ask for a phone number to verify with a text.
I give them always, first, the 2ndline numbers.
Somewhere roughly around half the time that bogus 2nd line works.
I get the confirmation text and I can then register the web account.
For the half that work, I don't care why they work. Because they work.
For the half that don't work - I'm curious HOW they knew it was a 2nd line?
More to my needs, I'd like to know how to tell what the lookups say for my
2nd lines as I'd like to expand my use of the 2nd lines to times when
companies ask for my phone number and I don't feel like arguing with them.
>> Where is this database located and who populates it around the world?
>
> SS7
I googled to find that SS7 is most likely "Signaling System 7"
"SS7 separates signaling from the voice circuits."
"The SS7 protocol stack may be partially mapped to the OSI Model
of a packetized digital protocol stack."
Apparently whatever SS7 is, it's extremely vulnerable
"In 2008, several SS7 vulnerabilities were published that permitted the
tracking of cell phone users.[14] In 2014, the media reported a protocol
vulnerability of SS7 by which anybody can track the movements of cell
phone users from virtually anywhere in the world with a success rate
of approximately 70%"
It seems to have holes everywhere
"SS7 vulnerabilities had been exploited to bypass two-factor authentication
to achieve unauthorized withdrawals from bank accounts."
But I didn't want to get into how secure or insecure SS7 is.
Maybe I should have asked the question differently.
Q: How do they know that I'm using a 2nd line?
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
