Hackers use Congressman’s iPhone to demo ability to listen into calls, monitor texts, track location [Updated]
Apple may take iOS security so seriously that it’s willing to do battle with the FBI over it, but German hackers have demonstrated that all phones – even iPhones – are susceptible to a mobile network vulnerability that requires nothing more than knowing your phone number. Armed with just that, hackers can listen to your calls, read your texts and track your position.
…but that’s essentially the same thing as the mandated CALEA phone tapping capability that they forced on the industry. The only difference is that the Feds are provided their own channel into the network. This “hack” (which isn’t a hack) just uses a standard SS7 channel for access.
Sid Scriptkiddy isn’t going to sit in his mom’s basement and tap President Barrycade’s phone (unfortunately). This requires direct access to the SS7 network. You have to be part of the network. So you either build an SS7 server and get a contract with a common carrier to connect, or you have to find some open line into the SS7 system; the latter would be a hack.
SS7 providers should make sure access to their network is secure; no open dialups (believe me, it happens), no unsecured SCADA links. But “fixing” this “flaw” in the SS7 protocol itself…
…is impossible without either 1) eliminating much of the functionality that allows cell networks to operate, or 2) breaking CALEA. I’m all for the second option.
BTW, the articles make a big deal about this affecting iPhones, but read the fine print and you’ll realize that it affects all phones. Not all smartphones, but all telephones including that dinosaur wired to the wall in your kitchen. They won’t get the location data that a cell network has, but everything else is a go. They’re exploiting standard SS7 functions like Caller ID and call forwarding.