Slashdot Mirror


Researchers Discover SS7 Flaw, Allowing Total Access To Any Cell Phone, Anywhere

krakman writes: Researchers discovered security flaws in SS7 that allow listening to private phone calls and intercepting text messages on a potentially massive scale – even when cellular networks are using the most advanced encryption now available. The flaws, to be reported at a hacker conference in Hamburg this month, are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can repurpose for surveillance because of the lax security on the network. It is thought that these flaws were used for bugging German Chancellor Angela Merkel's phone.

Those skilled at the housekeeping functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption (Google translation of German original). There is also potential to defraud users and cellular carriers by using SS7 functions, the researchers say. This is another result of security being considered only after the fact, as opposed to being part of the initial design.

5 of 89 comments

  1. How naive... by Anonymous Coward · · Score: 4, Insightful

    "Flaw"? Is anyone really that ignorant these days? This is not a bug, it's by design.

    1. Re:How naive... by squiggleslash · · Score: 4, Insightful

      Your use of the term "naive" suggests you think it's designed that way due to conspiracy.

      SS7 is a protocol designed to do all these things because it's designed to manage the phone network. That's its job. If it didn't do those things, it couldn't be used to route phone calls.

      Does it have poor security? Yes in the 2014 world, but at the time it was developed virtually every phone company was a monopoly, and it was just assumed only a small handful of easily accountable giant telcos, usually only one in each nation, would ever use it directly. You might just as well criticize non-networked single-user circa-1977 CP/M for not having logins and user/group ownership of files.

      --
      You are not alone. This is not normal. None of this is normal.
  2. Re:Hardware Security by NixieBunny · · Score: 4, Insightful

    Except with the land line, someone has to go find your physical wire pair and connect to it. This is a software hack.

    --
    The determined Real Programmer can write Fortran programs in any language.
  3. Re:Intercepting encrypted communications! OMG! by meta-monkey · · Score: 5, Insightful

    This isn't even about a subversion of standards. It's kind of required for cell phones to work that the towers are able to identify your handset and route your calls and messages. This isn't an OTA exploit. You still have to have physical access to the switch and credentials.

    OMG guys! I've discovered a terrible, awful vulnerability in Linux!!! If somebody has your root password, they can, with a few keystrokes, have total access to your computer! They can read all your files, change them, delete them, anything! We're doomed!

    No, the problem with government surveillance is a political one, not a technological one. As long as they have the authority to hook their boxes into the communications lines, nothing can ever be secure. Somebody has to have root access to the system for the system to work and be maintainable.

    I work at a hospital, and I have root access to the database. ZOMG your medical records aren't secure! Somebody sitting at the server with the root password can see everything! Ummmm no, your records are fine. I have to have access to the database to do my job. But we have a political system including an internal review board and threats of felony criminal prosecution if I were to do anything to violate your privacy. Also I'm not a dick. The solution to government surveillance is a political one. We need people who aren't dicks and rules that put them in jail if they intercept your calls.

    --
    We don't have a state-run media we have a media-run state.
  4. Re:LOL. by wolrahnaes · · Score: 5, Insightful

    SS7 dates to the '70s. Pretty much no communications protocols intended for general use were designed with even the thought of security at the time. The number of players in the game was small enough that any bad behavior could be rooted out fairly easily.

    Look at email for the same basic problem, it was designed with the assumption that the parties involved could be trusted because on the networks it was designed for that was generally the case. Over time the trustworthiness of the network was degraded for reasons both good and bad, but the common protocols had already been established by then and it's a long road to change.

    I won't argue that there probably has been some "influence" on decisions about adopting more secure replacements, but it's a bit tinfoil hattish to claim that the protocols themselves were intentionally made insecure when it's well documented that most protocols from that era just weren't designed to try to be secure in the first place.

    --
    I used to get high on life, but I developed a tolerance. Now I need something stronger.