Call Privacy Virtually Non-Existent Because Of Poor SS7 Security

[Guest]

Poor SS7 protocol security makes everyone vulnerable to call, message and location tracking.

Call Privacy Virtually Non-Existent Because Of Poor SS7 Security : Read more

 

[Achoo22]

This article would be much more interesting if the author tried the software out personally and reported on the results.

 

[jalek]

It takes fake cell towers? Weren't those in the news recently as one of the ways the US government has been monitoring the people it supposedly serves?

 

[MustSee4KTV]

Jalek, I remember a news story (I think it was 60 Minutes) about 2 farmers that wanted to test the hack. They said that all the equipment they need to build it was $6000. The put it on a model bi-plane/drone (included in their price) and programmed it to fly in circles. They tested it in their fields as not to intercept someone else's calls, but they of course intercepted their own calls and could hear everything that was said. They said that they were surprised more governments don't do that. The plane is now hanging at the International Spy Museum in D.C.

 

[Woody87]

A solution to the two factor email authentication vulnerability would be to use a virtual phone number to authenticate the email account that is tied to a different email account and set that virtual number to send you an email instead of an SMS text with the authentication code. The email is encrypted and thus they would need to hack both email accounts simultaneously to obtain access. I wonder how many people change their mobile phone number and forget to reset their email authentication before leaving the store? not a problem with virtual numbers.

You can further enhance security by limited email access to specific devices if your provider allows it.

Also...voice and SMS aren't meant to be secure....We used to use party lines...Remember how easy it was to wiretap a landline with a portable radio earbud? Back in the days of early cellular you could listen to other people's phone calls with a scanner you could buy at Radio Shack. Early wireless house phones could be intercepted with a baby monitor. We've actually made it more of a challenge to eavesdrop but the bottom line is don't expect your phone and SMS to be totally secure.

 

[toadhammer]

LTE is fairly secure; the phone has to be authenticated by the network, but the phone also authenticates the network. Makes it very hard to fake. Unfortunately, it is still possible for a fake basestation to force the phone to fall back to 3G or 2G, which are vulnerable.