A Journey Through Boring Telco Data Leaks
Over the past few years, I’ve been casually poking around and stumbling upon exposed data and insecure infrastructure all across the telco ecosystem. From unsecured debug portals to full backend access, the leaks themselves might seem technically boring.
In this talk, I’ll walk through a handful of real-world cases, showing how misconfigurations, sloppy code, and forgotten interfaces can lead to serious exposures.
These include:
* an eSIM provisioning portal exposed via an unauthenticated debug web interface
* full backend access to a smartphone retail platform, including CRM data and hotline audio recordings
* publicly accessible SIM inventory systems, Call Data Records (CDRs), and even passport scans
* "open source" telco functions running in plain PHP, sometimes with hardcoded credentials
* …and more strange eSIM-related findings
This isn’t a high-end 0-day story. This is about minimal-effort, boring data leaks that still manage to have a surprisingly high impact. The talk will include examples, screenshots, and recurring patterns that keep coming up.
Licensed to the public under https://creativecommons.org/licenses/by/4.0/