Huge privacy flaw uncovered in mobile phone networks

In the last year or so there’s been a lot of bad news about how intelligence agencies and hackers can exploit weaknesses in internet communications to snoop upon our conversations and private messages.

Indeed, such has been the avalanche of revelations that it’s not uncommon at all to hear security researchers advise you to turn off your phone’s WiFi, and communicate via regular calls vand SMS messages instead because of the 3G phone network’s built-in advanced encryption.

Well, there’s bad news folks…

Two German security researchers have uncovered what they claim are serious security flaws that could allow criminals and intelligence agencies to spy upon private phone calls and text messages transmitted via cellular networks.

The problem it appears is in Signal System 7 (SS7), a global telecom network that you may never have heard of, but which assists phone carriers around the world route your calls and text messages.

The Washington Post reported that researchers Tobias Engel and Karsten Nohl discovered security holes in some of SS7’s functions normally used for keeping calls connected as they “speed down highways, switching from cell tower to cell tower.”

The belief is that national intelligence agencies are likely to be conducted similar research and could be exploiting the security holes to gather information – something which could potentially impact users around the globe:

Experts say it`s increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world`s billions of cellular customers.

Those skilled at the myriad functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption. There also is potential to defraud users and cellular carriers by using SS7 functions, the researchers say.

Specifically, the German researchers say they have uncovered two ways to spy upon phone conversations using SS7 technology.

Firstly, commands sent over SS7 can hijack a cell phone by forwarding any calls it receives to hackers, and then onwards to the intended recipient. With such a system in place, calls can be secretly recorded.

Secondly, hackers in close proximity to their intended target could use radio antennas to scoop up all calls and texts passing through in the area – requesting through SS7 a temporary key to decrypt recorded communications.

Last week, Nohl put his discoveries into practice, demonstrating how he was able to grab and decrypt a text message sent from a German senator’s cell phone. Fortunately the senator agreed to be part of the demonstration.

Privacy activist Christopher Soghoian, who is principle technologist at the American Civil Liberties Union, told Gizmodo that people should not consider their regular voice calls secure.

For secure conversations, use third-party tools like FaceTime, Signal or RedPhone which “allow you to have secure communication on an insecure channel.”

I would certainly welcome seeing more people install secure communications apps like these. The only problem I have found with them is that the vast majority of my contacts seem never to have heard of them – let alone installed them on their smartphones.