Simon

@smrqdt@chaos.social
Computer science and university politics at BHT. Refugees Welcome. Left-wing. 🌈. Virulent homo lobby. 🇪🇺🌍. Scatterbrained. DL7SMQ. (he/er) [searchable]
Over there: @ioaua
Matrix: @smrqdt:nop.systems
Second residence: https://bsky.app/profile/smrqdt.eu
#retrocomputing was fun when Sony made wild personal computers.
@henryk The sync thing is probably true, and I fully understand the announcement thing (also a lot of small broadcasters are participating without complicated broadcasting systems). But I would have thought this is a common problem and there would be some value in adding some more information (e.g. which kind of graphics is shown).

How are the graphics for the national phone numbers triggered during #eurovision?

“Graphics in three, two, one, now!”
*lengthy 1 kHz tone*
“Graphics away in three, two, one, now!”

Using a 1 kHz tone on a digital audio track in an MPEG-TS instead of… anything else (e.g. a subtitle track?) seems a little bit odd?

https://www.youtube.com/watch?v=2uAP9pZIBB0

The hidden beeps that control Eurovision graphics

YouTube

"from another service". You fucking liars.

#SoundCloud

The Karl May Festival in Bad Segeberg has drawn hundreds of thousands to the Kalkberg Stadium every year since 1952; for many, Winnetou and Old Shatterhand are cult figures. Less well known, however, is the history of the stadium during the Nazi era. https://www.ndr.de/geschichte/schauplaetze,kalkberg103.html

10th anniversary of the #CSD in Istanbul not taking place.

The last legal Pride took place there in 2015. Since then, every attempt has been crushed with tear gas and mass arrests.

I can't believe we're still having to say this in 2025, but would people *please* scroll back to the top of a website when they're finished reading, so it's ready for the next person. We've even got buttons at the bottom to do it all in one go, it's not 1994 any more.
i spent too much time on this
Today in #ITSecurity gone wrong: I am in Austria as a German. I just received a notification via cell broadcast about a fire in the area. The broadcast contains a URL - but this URL is only accessible from an Austrian IP address. My LTE roaming IP isn’t allowed. So… I guess I just suffocate because I have the wrong IP address, then? 😅
Sent them an email requesting to have my IP range allowlisted and questioning the general assumption such a service should be limited to in-country IP ranges. Let’s see what happens.
@hacksilon Hmm, interesting. Is it normal to get an IP from the home country when doing LTE roaming? Is this similar to a VPN?
@danimrich @hacksilon most of the time, yes. I have two SIMs from different countries and each data plan identifies me as coming from the country the SIM is from.
@danimrich yeah roaming is ?always? tunneled to your provider's original country (at least that's what I've experienced with a lot of providers in a variety of countries)
@hacksilon
How we all imagine it happened:
@hacksilon the Tyrol emergency call center doesn't get a location fix from German mobile phones either. Tested for you in the mountains last year.
The mountain rescue service was then able to do something with the coordinates transmitted by SMS, though.
@HLunke @hacksilon the SMS thing is just an empty web page that wants to know the location - a rather crude workaround for the problem, but dispatch centers sometimes really struggle to find casualties.
@HLunke @hacksilon did you call them via 112 or via another number?
@nicoduck @hacksilon
My buddies did that for me, and yes, it must have been 112.
@HLunke @hacksilon I just looked it up: Austria apparently has not (yet?) fully implemented the EU rule and supports automatic localization of end devices (AML) neither in roaming nor on iOS devices (in general). Roaming seems to be an issue in general, though; very few countries support it. Unfortunately.

@nicoduck @hacksilon p

Ah, it was an iOS device and roaming

However, the person on the phone could not, or would not, hear anything about the coordinates, even when asked. The mountain rescue service was then glad that we could provide them.

@hacksilon

If it's a national broadcaster URL, everyone is doing it, UK, Sweden, Poland, Australia.

You don't want non-taxpayers leeching your Comms...apparently.

@n_dimension Nope, this is the province government. @hacksilon
@hacksilon @cm Hallo Max Maass, I have an Austrian IP address (static. Magenta) and see the same error. Looks like the wrong URL was included in the message (i.e. one that is only reachable from within the network vs. a public one)
@QueerNewsat @cm I could actually get it to work when using the hotel WiFi and turning off my custom DNS resolver and using the default. Seems to be a DNS-based block, I think?
@hacksilon @QueerNewsat @cm Reminds me of overblocking (Reddit, ImmoScout Captcha and other) because the IP is listed as
„Anonymous Proxy: This IP address has been identified as an anonymous proxy.“
You can check on www.liveipmap.com

@hacksilon Wouldn't trust the Germans either (and I am one) ;-)

Jokes aside, as a minimum I'd expect the error website to show the IP the server is seeing. This makes debugging so much easier.

@ascherbaum
Well, we do have a lot of tourists from Germany every year.
There has to be room for new ones again, after all ;)
@hacksilon
@hacksilon a recycling yard is on fire in Nußdorf, the fire is huge and the smoke cloud could be seen from far away (I drove past it yesterday…)
@olbohlen yep, I was then able to find that out through other sources as well.
@hacksilon oh darn! Hope you are safe! Thanks for the screenshot, I might use this in the future to illustrate impact of Cybersecurity risk controls on (patient) safety risks. This is something the quality manual requires us to evaluate (into both directions). So this here should have been caught when introducing a Cybersecurity risk control as an issue.
@hacksilon GeoIP restrictions are totally a useful tool and not at all just a dumb sham 🙃
@hacksilon Well that's incredibly stupid

@hacksilon Tyrol, of all places. They're not very good at issuing warnings in time. I remember an avalanche accident in 1998, and there was something during Corona too.

How meaningful was the Cell Broadcast message without the website?

@Reemt tbh, the website mostly repeated the cell broadcast message. Not that important.
@hacksilon Why does Austria have IP addresses that don't work outside of the country?
Is this a common thing I just didn't know of?
@roseen it’s just regular geoblocking, I assume - they only allow Austrian IP ranges, apparently.

@hacksilon

Austria, the country that doesn't allow Google Street View but has detailed maps of universities (with each prof's room named) available online. At least a few years ago, I don't know if they changed anything...

They have a somehow crooked sense of security.

@hacksilon This same type of deal happens all the time. I am a U.S. American permanently domiciled in CH. When I travel back to the U.S. and use mobile roaming, a bunch of systems in the U.S. break down with the foreign IP:

1. Most restaurants' digital menus.
2. Most mobile (car) parking applications.
3. U.S. Government web sites.

What is this whole problem class called? Is this an artifact of "home routing" per the LTE roaming agreement: https://i3forum.org/wp-content/uploads/2014/05/i3F-LTE-Data-Roaming-over-IPX-Release-1-FINAL-2014-05-12.pdf?

@matt either that or just regular geoblocking?
@hacksilon Small statehood at its best

@hacksilon

Sure, that's a geoblock and not just another shitlisting of Vodafone or T-Mobile IP-space?

I would totally understand the latter. Traffic from these sources is generally as trustworthy as from public WiFi networks from Bangalore...

@czauner can’t really tell from the outside. Don’t have any other devices on other networks to play with. But using the hotel WiFi while tunneling DNS (but not HTTP) over my home network (via VPN) triggers the same behavior. So, probably DNS-based Geoblocking?

@hacksilon Depends on your 'home-IP'. Some German Networks have a very, very bad reputation (outside of Germany) as they seem to lack decent abuse-handling. It's noticeable when glancing over fail2ban logs (especially some German hosters are a cesspool). So, if your DNS tunnel goes via a hosted machine: There is that.

Usually if geoblocking is in place, there is a hint to that. 'Untrusted network' is lingo for 'on shitlist'. Whatever it is, I'm confident that it's not by Tirol itself, there is no knowledge for that.

Likely a booked 'internet security solution', without knowledge of the inner workings by the country itself. Which doesn't make it really better, in any way, shape or form.

Two years ago I had the pleasure to address some reachability issues (for Austrian customers of mine), the culprit was a transparent 'web firewall'.