Slashdot Mirror
Your Phone Number Is All a Hacker Needs To Read Texts, Listen To Calls and Track You (theguardian.com)
Samuel Gibbs, reporting for The Guardian: Hackers have again demonstrated that no matter how many security precautions someone takes, all a hacker needs to track their location and snoop on their phone calls and texts is their phone number. The hack, first demonstrated by German security researcher Karsten Nohl in 2014 at a hacker convention in Hamburg, has been shown to still be active by Nohl over a year later for CBS's 60 Minutes. The hack uses the network interchange service called Signalling System No. 7 (SS7), also known as C7 in the UK or CCSS7 in the US, which acts as a broker between mobile phone networks. When calls or text messages are made across networks SS7 handles details such as number translation, SMS transfer, billing and other back-end duties that connect one network or caller to another. By hacking into or otherwise gaining access to the SS7 system, an attacker can track a person's location based on mobile phone mast triangulation, read their sent and received text messages, and log, record and listen into their phone calls, simply by using their phone number as an identifier.Also from the report, "60 Minutes contacted the cellular phone trade association to ask about attacks on the SS7 network. They acknowledged there have been reports of security breaches abroad, but assured us that all U.S. cellphone networks were secure." Update: 04/18 16:51 GMT by M :Reader blottsie writes: U.S. Rep. Ted Lieu (D-Cali.) on Monday called for a full congressional investigation into the aforementioned widespread flaw in global phone networks.
All they need is your phone number and access to the SS7 system.
Long signatures suck.
Day by day it seems more and more clear that what I keep hearing is true, and that functionally there is no such thing as 'privacy' anymore. If random hackers can do this, then governments sure as hell have been doing it, too. How much longer do you think before you can't even take a dump in your own home without someone watching you do it? We may as well just all walk around naked, with our bank account numbers, credit card numbers, ID numbers, and all our other very personal information tattooed on our backs for the world to see.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
If you have access to the cell phone companies network, you can do what the cell phone companies do. Next on 60 Minutes: if a thief steals your car, he can drive it anywhere he wants to! Tune in at 11 for more SHOCKING details.
"They acknowledged there have been reports of security breaches abroad, but assured us that all U.S. cellphone networks were secure."
Oh, so that's alright then.
it seems insecure is the default setting on all our gadgets.
"We haven't been burned yet, so it must be secure."
Phone calls. I remember those! Good times.
Surprised they are still using such a system in modern day SMS and cell phones. I remember reading about separating the command-control stream from the data stream. So it is quite surprising such a hole exists in a modern telcom system.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
This is also the horrible reason something like FTP is around. A separation between control and data planes.
They acknowledged there have been reports of security breaches abroad, but assured us that all U.S. cellphone networks were secure."
That statement should have read:
They acknowledged there have been reports of security breaches abroad, but assured us that all U.S. cellphone networks were secure to the degree the NSA wants them to be secure."
Not sure why this is shocking to anyone. The only way cellphones work is be broadcasting who they are to everyone listening.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
SS7 is a series of standard protocols. It's like TCP/IP except for phone networks.
"Your Phone Number Is All a Hacker Needs To Read Texts, Listen To Calls and Track You "
Yeah, that, and privileged access to the telephone network. The title makes it sound like your phone number should suddenly become a secret, and any idiot can simply start reading your texts with just your cell phone. Bullshit.
I'm willing to believe that there's terrible security problems with the phone system. There have been for a LONG TIME. Hackers/Phreakers breaking into these networks via something as simple as Social Engineering has happened for 40 years.
Saw the broadcast. It's old news for those of us in the biz but new for all the sheep using the mobile networks thinking they in any way are safe from unwanted attention. A good scare for those joined at the hip with their mobile. Assume you are being watched and listened to... because you probably are. C'mon this is 2016... privacy... really!!! Hack wise though this is like watching a magician pull a rabbit out of a top hat stuff though... move along Douglass.
Reminds me of Baghdad Bob. "Our network is secure, the hackers are committing suicide at our firewall!"
Support your local school shooter, give them your firearms.
SS7...wow, that takes me back. I thought it had gone out with the landline. Yeah, SS7 has to know your number, that's kind of the whole point of the system, to be able to set up and tear down the call, and to bill correctly. Out-of-band signalling was the death of the oldschool phone phreak, who depended on being able to send tones down the line to control the call. Good ol' Phrack. And idiotic Phrack writers who didn't know what they were talking about. It's a good thing they didn't have comment sections back then, only a periodic publication. Erik Bloodaxe, Voyager, Sirsyko, and when Mudge wasn't an establishment tool. Netta Gilboa. RBOCs. Dumpster diving behind the phone company's central offices. Good times.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
Mobile networks use two different SS7 networks, one for TCAP communication which includes SMS but not voice and one for ISUP which includes no voice and no SMS (it is a Signalling System). Voice has moved over to SIP from ISUP and the majority of all voice calls never leave the Mobile Switching Center(MSC) and thus there is nothing to tap. Additionally the Mobile Directory Number is not the key used for communication, the IMSI is.
Basically, if you know a Mobile Directory Number and you could insert yourself into the SS7 network you could find out where the phone is but only the city and state, assuming the city was big enough, you only get the MSC. You could also send SMS messages to the phone but you can do that already can't you?
I watched the 60 minutes episode, it was Interesting.
Does it work for POTS or VOIP as well? How about T-Mobiles IP calling feature?
You forgot to tell those yunguns to get off your lawn.
No, the encryption is between the phone and base station, not inside SS7 network.
not only that, I have them all memorized. Don't believe me? Here's one. (301)437-5529. Here's another.(207)844-627. And yet know even more. (902)887-8535. I even know your phone number. Doesn't matter what country or where you live. I know them all.
Your Phone Number Is All a Hacker Needs To Read Texts, Listen To Calls and Track You
Really? That's all a hacker needs?
By hacking into or otherwise gaining access to the SS7 system...
Oh. So "no" then.
Hey, did you know that all a hacker needs to read your emails is your email address? Oh, and the ability to hack into the server that hosts your mail and bypass all its security.
systemd is Roko's Basilisk.
As it happens, I read Exploding the Phone by Phil Lapsley about a week ago, and it's still on my desk. It's a great book. If you like this kind of stuff (I know I do) this book contains as much material on the subject as can reasonably fit in under 400 pages. If you like this stuff, read it.
The pertinent chapter for this thread is titled "A Little Bit Stupid" in which John Draper exploits recently automated [*] "busy verification" to eavesdrop on a primary line of the San Francisco FBI. How do you like them apples, with the roles reversed? (Hint: not very much, not very much at all.)
[*] It had become a little bit too automated in certain large American cities, which additionally qualifies this material for the Boy Scout merit badge "Stolid and Stupider", though that's a much harder-to-tell story about design incompetence internal to greed-addled AT&T.
Even though Draper bragged to a turncoat, he was still protected by the FBI's nearly impenetrable internal aura of "impossible things can't happen to us" until Draper demonstrated the technique while his turncoat buddy made a tape recording.
Why so much fuss? To protect the rectitude of lovable Uncle Sam? Probably not so much. Because tight-assed officialdom in positions of power say a great many things they definitely don't wish to defend against the harsh light of day? You be the judge.
Really, I don't know how Lapsley managed to write this entire book and not intrude more into the obvious. Perhaps two hundred pages of draft manuscript hit the floor in the editing process. (I know every third sentence in my first draft would have contained judgmental invective.)
Here's another thing that freaked out the FBI. The hackers weren't even savvy enough to try to market their incredible capability to the highest bidder (Sold!—to the secret undercover double-agent Flim Colby) and they weren't actually taking any money! or drugs! or prostitutes! so you can't even release the scent hounds.
Alfred Hitchcock
Action is where your crepuscular adversary has taped your intimate moments of conspiratorial graft and offered it up to the highest bidder. The FBI loves action.
Suspense is where your glazed-doughnut adversary has recorded your intimate moments of conspiratorial graft, and doesn't even give a shit, so pretty soon compromising cassette tapes are bouncing around on the dashboard of some horrible mid-seventies beater or tossed randomly into a shoe box of bad Country and Western ($2 obo) at someone's yard sale. The FBI hates suspense.
You see? I'm terribly prone to editorialising.
Anyway, my point about the SS7 hack is pretty much "dog bites man". This kind of thing has been ubiquitous since the first long-hair envious AT&T engineer included "observability" in his desiderata concerning globally distributed systems undergoing a Groundhog Day–esque eternal-September late pubescent growth spurt.
So my non-tech friend who happens to be way too nice of a person crossed paths with a sociopath female who has been monitoring all his texts, calls and tracking him at different locations (and showing up) and then calling his ex girlfriends (or current ones) to let them know where he's at, who hes with and what's being said.. Being somewhat a tech person myself, we set up all new passwords, factory reset, two way authentication, changed his phone number, etc, etc... Now since I am not around him at all times I cannot vouch that he isn't making a mistake which somewhat compromises his accounts but I am pretty confident its outside of our control.. When researching this issue, we have been hearing rumors that people can go into Mexico and can easily get software that can access possibly this 'SS7' hack. The local police have been no help and the FBI has not responded to our claim which basically just leaves my friend having to deal with this psycho. He has also gotten a restraining order against her but she lives in and out of Tijuana and San Diego and we live in San Diego (45 mins apart) and so far it hasn't helped at all. Jokingly I suggested he should just marry her to stop the harassment but maybe y'all have some ideas. So I ask my fellow slashdotters: Anything else we can do to end this 3 year run and possibly get charges to stick against her? Sarcastic replies in 3.. 2 ..1 ..
They can't hear you if you whisper.
I know her number is 867-5309! ;)
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
Do you require ethical and unethical hacking services?,I've worked with leehacks92@gmail.com a couple of times and he's the best I've worked with so far,contact him and tell him Joel sent you..he's very discreet and reliable!