Phone Hacking Fears and Facts

Posted by K R on

Apple’s ongoing standoff with the government over passcode-protected iPhones is still raising unprecedented alarms over smartphone security and privacy. For example, a 60 Minutes segment this week outlined several ways hackers can hijack phones from anywhere in the world to listen in on private conversations, read e-mails and even use phone cameras to spy on their owners. That hacking method exploited an unsecured, decades-old telecom protocol called Signaling System 7 (SS7) to tap into U.S. Rep. Ted Lieu’s (D–Calif.) mobile phone and listen to his conversations. Lieu gave his permission for the demonstration and now wants the House Committee on Oversight and Government Reform to investigate the problem. The hack caused such consternation in Congress that a fellow House member appears ready to butt heads with Lieu over the right to call a hearing. Rep. Greg Walden (R–Ore.) claimed the House Energy and Commerce Committee’s Subcommittee on Communications and Technology, which he chairs, has jurisdiction over the matter. The good news: Although the SS7 system will indeed work for spying on older phones, it is useless against encrypted communications such as Facebook’s Whatsapp, Apple iMessage and phone calls made over 4G (and newer) networks. And the SS7 hack can only poach data in transit—it cannot be used to access data stored on a smartphone. “The ability to exploit SS7’s lack of security has been known for some time,” says Dan Kaufman, founder and chief technology officer of Brooklyn Labs, a software company that builds mobile apps for the iOS and Android operating systems. He says security researchers first described phone hacking via SS7 in late 2014 but Apple’s high-profile battle with the U.S. Department of Justice caused the issue to resurface recently. “Now everyone I know is trying to exploit the iPhone,” Kaufman adds. Read More: Scientific American

Share this post

← Older Post Newer Post →


Leave a comment