Slashdot Mirror

← Back to Stories (view on slashdot.org)

Your Phone Number Is All a Hacker Needs To Read Texts, Listen To Calls and Track You (theguardian.com)

Posted by msmash on from the challenge-for-the-day:-act-surprised dept.

Samuel Gibbs, reporting for The Guardian: Hackers have again demonstrated that no matter how many security precautions someone takes, all a hacker needs to track their location and snoop on their phone calls and texts is their phone number. The hack, first demonstrated by German security researcher Karsten Nohl in 2014 at a hacker convention in Hamburg, has been shown to still be active by Nohl over a year later for CBS's 60 Minutes. The hack uses the network interchange service called Signalling System No. 7 (SS7), also known as C7 in the UK or CCSS7 in the US, which acts as a broker between mobile phone networks. When calls or text messages are made across networks SS7 handles details such as number translation, SMS transfer, billing and other back-end duties that connect one network or caller to another. By hacking into or otherwise gaining access to the SS7 system, an attacker can track a person's location based on mobile phone mast triangulation, read their sent and received text messages, and log, record and listen into their phone calls, simply by using their phone number as an identifier.Also from the report, "60 Minutes contacted the cellular phone trade association to ask about attacks on the SS7 network. They acknowledged there have been reports of security breaches abroad, but assured us that all U.S. cellphone networks were secure." Update: 04/18 16:51 GMT by M :Reader blottsie writes: U.S. Rep. Ted Lieu (D-Cali.) on Monday called for a full congressional investigation into the aforementioned widespread flaw in global phone networks.

11 of 98 comments (clear)

  1. Soooo.... by John+Napkintosh · · Score: 5, Insightful

    All they need is your phone number and access to the SS7 system.

    --

    Long signatures suck.
    1. Re:Soooo.... by Verdatum · · Score: 5, Interesting
      I haven't been in the telecom world for a little while, but, IIRC, this is a tricky thing to do on 3G, and nearly impossible on 4G. You need to get access to the user's private key, which, if the system is coding correctly, you shouldn't have access to without cracking another box. 2G is insecure as Hell, but everyone knows that.

      And yeah, they don't even need your phone number, if you get access to the user's local network, figuring their phone number out is a breeze.

  2. Uh duh by 110010001000 · · Score: 4, Insightful

    If you have access to the cell phone companies network, you can do what the cell phone companies do. Next on 60 Minutes: if a thief steals your car, he can drive it anywhere he wants to! Tune in at 11 for more SHOCKING details.

  3. No need to panic, the US is safe. by gsslay · · Score: 4, Funny

    "They acknowledged there have been reports of security breaches abroad, but assured us that all U.S. cellphone networks were secure."

    Oh, so that's alright then.

    1. Re:No need to panic, the US is safe. by JustAnotherOldGuy · · Score: 5, Funny

      "...but assured us that all U.S. cellphone networks were secure."

      Best joke I've heard all day. Right up there with, "Don't worry, it's unloaded!" or "I'm sure he'll stop for us, we have the right of way!"

      --
      Just cruising through this digital world at 33 1/3 rpm...
    2. Re:No need to panic, the US is safe. by Anonymous Coward · · Score: 5, Insightful

      With apologies to Arthur C. Clarke:

      When a distinguished but elderly computer scientist states that something is not secure he is almost certainly right. When he states that something is secure, he is very probably wrong.

  4. Re:Wasn't SS7 used by the phreaks? by Anonymous Coward · · Score: 5, Informative

    SS7 was the telco's efforts to block MFers using the "blue box"; Switching from in-band signalling to out-of-band signalling.

    SS7, however, provides some inter-carrier connectivity to enable roaming between carriers; With an IMSI, the visited network can ask the home network "can I give this IMSI service?"... and a deactivation from the home carrier's network to the visited carrier's switches can turn the phone off (used to suppress roaming fraud).

  5. Re:May as well walk around naked by Virtucon · · Score: 4, Funny

    May as well walk around naked

    Please don't

    --
    Harrison's Postulate - "For every action there is an equal and opposite criticism"
  6. Oldschool phone phreaking by DNS-and-BIND · · Score: 5, Interesting

    SS7...wow, that takes me back. I thought it had gone out with the landline. Yeah, SS7 has to know your number, that's kind of the whole point of the system, to be able to set up and tear down the call, and to bill correctly. Out-of-band signalling was the death of the oldschool phone phreak, who depended on being able to send tones down the line to control the call. Good ol' Phrack. And idiotic Phrack writers who didn't know what they were talking about. It's a good thing they didn't have comment sections back then, only a periodic publication. Erik Bloodaxe, Voyager, Sirsyko, and when Mudge wasn't an establishment tool. Netta Gilboa. RBOCs. Dumpster diving behind the phone company's central offices. Good times.

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
  7. No, encryption is between the phone and cell base by mimino · · Score: 5, Informative

    No, the encryption is between the phone and base station, not inside SS7 network.

  8. I know everyone's phone number by thinkwaitfast · · Score: 4, Funny

    not only that, I have them all memorized. Don't believe me? Here's one. (301)437-5529. Here's another.(207)844-627. And yet know even more. (902)887-8535. I even know your phone number. Doesn't matter what country or where you live. I know them all.