[HACKED] Is Someone Listening to Your Calls?

Category: Telephony

The April 17, 2016, edition of “60 Minutes” featured a deeply disturbing segment entitled, “Hacking Your Phone.” In it, a German white-hat hacker named Karsten Nohl chillingly demonstrated how easily he could track and eavesdrop on a U. S. Congressman's mobile phone. Is your mobile phone also vulnerable to the same hack...?

All Hackers Need Is Your Phone Number

In the 60 Minutes segment, Nohl gave a brand-new smartphone to Congressman Ted Lieu (D-CA). Lieu used the phone as he would normally use his personal phone. Nohl demonstrated on-camera that he was able to listen in on live conversations between Lieu, his staff, and other contacts.

Not only that, he could track Lieu’s movements through several California districts, using cell tower triangulation. Nohl also intercepted text messages and emails that originated or landed on Lieu’s phone.

The flaw is not in Android, iOS, or any other phone-based software. It’s not in hardware made by any handset maker. It’s not in an app. It's not limited to smartphones. It’s not the fault of Verizon, AT&T, T-mobile, or any other carrier. It’s in a system that underlies all of that; every cellular device on Earth is vulnerable.

Mobile Phone Hacking

The flawed system is called “SS7,” which stands for Signaling System No. 7. When cellular traffic moves between networks (Verizon to T-mobile, Sprint to AT&T, etc.), SS7 mediates the exchange, and other technical aspects of trans-network traffic. SS7 has access to every phone number on every carrier. And it's riddled with security holes.

There is little that consumers can do to protect themselves, because SS7 is far beyond their control. Nohl said during the 60 Minutes segment:

“The mobile network is independent from the little GPS chip in your phone, it knows where you are. So any choices that a congressman could’ve made - choosing a phone, choosing a pin number, installing or not installing certain apps - have no influence over what we are showing because this is targeting the mobile network. That, of course, is not controlled by any one customer.”

Not a New Problem

You know what’s really disturbing? Nohl demonstrated the same vulnerability two years ago, at a hackers conference in Hamburg, Germany. He described the vulnerability in detail, publicly. Yet it still exists, and no one is doing anything to fix it. In fact, SS7 was developed in the 1980s, so this is nothing new at all.

SS7 is not controlled by carriers, phone makers, or software developers. Effectively, in the U. S., the Federal Communications Commission has responsibility for and authority over how SS7 is implemented. The FCC has been studying the SS7 flaw ever since Nohl revealed it, but no action has been taken.

Perhaps the reason the FCC is in no hurry to fix the SS7 flaw is that it is very, very useful to the FBI, NSA, and other law enforcement snoops. We have no evidence that law enforcement is exploiting the flaw, but it seems extremely unlikely that they wouldn’t.

Is There Anything YOU Can Do?

The one thing you can do to protect your voice and data traffic from eavesdropping is to encrypt them from end to end; that is, from your phone to the recipient or sender’s phone.

Over two years ago, I wrote about Silent Circle's Blackphone which offes built-in encryption to protect phone calls and text messages. The downsides are cost and coverage. The Blackphone costs $800 and runs only on GSM networks, which limits you to AT&T or T-Mobile in the U.S.

But there are other options for encryption. “End to end encryption” is offered by the free messaging app WhatsApp, which has over a billion users worldwide. ChatSecure offers apps for iOS and Android that encrypt messages, Web traffic, and more, without tying a user to any particular network.

Using secure web connections (addresses that start with https) for all Webmail and other Web traffic provides the most basic level of encryption protection. Your email provider may or may not keep your email encrypted while it’s stored on the provider’s servers. All email between Gmail users is encrypted while it’s in transit or at rest on Google servers. (If Gmail sends email to another email service provider, that provider may or may not use encryption.)

It’s disgraceful that this SS7 flaw has been allowed to persist for so long. This is the time to write to your Congressperson and the FCC, demanding that it be fixed immediately. It's been "studied" long enough, don't you think?

Were you aware of the SS7 issue? Do you (or will you) use encryption on your mobile phone, now that you know about it? Your thoughts on this topic are welcome. Post your comment or question below...

Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Check out other articles in this category:

Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 19 Apr 2016

For Fun: Buy Bob a Snickers.

Prev Article:
[QUICK] Uninstall QuickTime for Windows

The Top Twenty
Next Article:
Geekly Update - 20 April 2016

Most recent comments on "[HACKED] Is Someone Listening to Your Calls?"

(See all 27 comments for this article.)

Posted by:

19 Apr 2016

I treat email and cell phones like postcards. Someone isn't likely to read your postcard, but they can. Same with email and phone calls. Truly secure communication is an illusion unless you go to a lot more trouble than I ever feel the need to.

Posted by:

19 Apr 2016

Activate The Dome of Silence - if you need secure communications.

Posted by:

19 Apr 2016

Here's the problem - "Your cell phone knows more about you than you do". I don't know about link rules here, but here's what CGP Gray has to say about the subject:


It's well worth the 2-3 minutes to give you a clue why that statement is true. Laws written, as he points out, 200 years ago may NOT apply to *all* things in our modern culture.

Posted by:

19 Apr 2016

Why does the NSA need programs like Prism if they have SS7? I am sure the government is still bound by privacy laws and can't just listen in when they like, but SS7 worries me because of hackers. With a bit of social engineering and flaws like SS7 they could own your whole life, whether or not you "have anything to hide". I will be contacting my congresspeople.

Posted by:

19 Apr 2016

If the NSA or any other snoop wants to record my conversations, have at it, but they're just wasting their time. Many people believe that the Constitution endows rights, but I believe that if these so called "rights" were real, no law or government organization could take them away. Felons can not own or possess a weapon. A violation of Due Process at trial is allowed if considered harmless error. There are many other instances that can be sited; however, my point is that since we can lose our "rights" under certain circumstances, they are not rights at all, but simply privileges granted to citizens. Of course, I could be wrong, but that;s how I see it.

Posted by:

19 Apr 2016

Edward Snowden mentioned the capabilities that Mr Nohl demonstrated, so it seems the NSA is fully aware of the flaw and is actively exploiting it with government approval.

Posted by:

19 Apr 2016

Signal for Android encrypts VoIP calls on on phones but not tablets; if you can use WiFi to make a call, this will work. https://goo.gl/0CCSL

Kryptotel is another for Android. https://goo.gl/l6BXF8

Both provide some privacy protection even if only one party to a call or message has the app installed.

Never copy a foreign city's name from a news article found on the Web without verifying spelling. :-)

Posted by:

Robert A
19 Apr 2016

Even if someone says they have nothing "important to say," they should still be concerned about the privacy aspect of cell phone communications for all cellphone users. Knowing that some hacker can listen in on our private conversations is downright scary.

Granted, most of us have mundane chats more than 95% of the time, but there may be times when the average Joe, or even celebrities, need to discuss something personal and private - giving out credit card, SSNs or other account numbers, for business purposes, or passing along personal information during a personal crisis. With landline telephones, at least there was a real sense of privacy.

I'm sure guys like Buffet, Zuckerberg and Bezos (Amazon), and others, often discuss business on their cell phones, possibly more than 50% of the time. They need privacy from hackers, who may uncover and post on-line, proprietary information or business dealings, such as possible mergers or divestitures which could seriously affect the national economy or the stock market.

I suspect the only way this privacy issue will be changed is when member of Congress or the FCC get hacked, and have their private information exposed for all to see.

Posted by:

19 Apr 2016

If this flaw is only there if traffic is between different networks arrange your 'secret' calls with whomever you really want to be secret using phones with the same network. Job done.

Posted by:

Mark Miller
20 Apr 2016

I also, agree with KRS. My cell phone is turned off except when I leave my property. I only use it for infrequent calls home (grocery shopping) or in an emergency. It is a Tracfone and I have accumulated over 1800 roll over minutes. I costs me just under $8.00 a month. Every thing is paid with one of 2 credit cards - checked daily and balances paid off every month. As an aside, my wife and I are debt free with our mortgage on our home on seven acres paid off.

Posted by:

20 Apr 2016

But if emails can be read, the encryption of WhatsApp won't help, will it? Is there any way to secure emails received and sent on, say, an iPhone?

The casual attitude of many readers here about this security hole is disturbing. The information that others can get with hacked phones is precisely what can lead to devastating identity theft. And being able to track where you are allows a thief to know when to strike your home, etc. It takes only a little imagination to see how much harm can be done through this kind of information loss. Readers need to think more and be less apathetic about the risks they face. The day they wake up with nothing left in their electronic accounts will be too late to start thinking about security.

Posted by:

20 Apr 2016

Was not aware of these ramifications of SS7, but did shoot an email to my congressman ... interesting to see what the response will be.

Posted by:

20 Apr 2016

Hi Bob,
Interesting, will using a VPN help?

Posted by:

20 Apr 2016

To Mark Miller: Even if your phone is off, your phone location can be tracked via the internal GPS. You actually have to take out the battery to avoid that.

Bob, sounds like this vulnerability would enable foreign agents to track movements of any key gov't personnel who carry cell phones. Hard to imagine they haven't been using it.

Posted by:

Doofus Dandy
20 Apr 2016

Bob, I always read your emails and at least half the time I read your full article---many times I am afraid to make changes you might suggest. I am chicken to mess with the computer. But your articles are usually well-written, timely, understandable, and most helpful, even to neophytes like me.

I have never in my life done anything like this blog posting, nor do I even know how to spell t-w-i-t-t-e-r, let alone try to do it. No, I do not carry a cell phone, unless in my auto counsel for emergencies. So maybe that is one reason I am not too sympathetic to those who feel soooooo wounded when they learn our government has access to their conversations. One thing you did not point out, is that unlike the general vacuum NSA programs, this kind of spying cannot be done unless they first show probable cause and obtain judicial approval.

WHY do people like 60 minutes have to always expose what is a useful tool for our security? Anyone who has read Dan Brown's DIGITAL FORTRESS -- now already 18 years old -- knows that this stuff is essential to our national security, and that it has forever been going on. And 60 minutes (—and even you, Bob) was irresponsible for failing to point out that any eavesdropping on a specific phone must first be authorized by a judge.

Yet 60 minutes and the snowden traitor crowd insist on breathlessly bringing out into the open and thereby ruining some of our most useful tools. Around the world the bad guys are giving thanks to the snowden/60 minutes crowd.

There is NOTHING whatsoever to "fix" here—so if I were to write to my congressional group, I would tell them to sanction 60 minutes for undermining our ops. Indeed, the ONLY thing to “fix” is their attitude that gaining notoriety by exposing and thereby ruining our country's MOST USEFUL tools trumps what is needed to fight the bad guys.

Someday it would be poetic justice to see the 60 minutes producer/executive crowd--and others like them who think it is their duty to ruin our national security just to put on a TV show--suffer a crime that could not be avoided and cannot be solved because authorities lost their spy hole into a phone, and now the messages of the perps were so encrypted we could not read them. That would be justice delivered!

Posted by:

Dave Fox
21 Apr 2016

Doofus, I would not worry about the Govt. half as much as I would about all the slease bags that could hack all your info. and do severe damage to you, and your family.

Posted by:

Robert A.
21 Apr 2016

Doofus Dandy: Did you really read Bob Rankin's article? Nowhere did Bob mention anything about the NSA or CIA hacking into cell phone. The hacking Bob is writing about is from so-called "Black Hat Hackers," the antisocial bad guys who, will try to learn your Social Security number, various credit and bank account numbers, etc., to do you personal financial harm.

These guys have cracked cell phones' GPS systems and, if one is targeted, can tell if and when one is at home, or away from home, leading to the possibility of a burglary or other domestic mayhem. These guys are akin to the scumbags who try to infect a computer with viruses and other malware, or spam one's computer with bogus letters they want you to believe are from businesses and banks, to get personal information that will be used to hurt you.

By not patching these flaws in the leaves everyone open to potential harm. It is the equivalent of leaving one's windows and doors open and unlocked in the house, when one leaves for a two-week vacation.

Posted by:

21 Jul 2016

Would similar vulnerabilities apply to calls made on landlines using VOIP?

Posted by:

31 Oct 2016

Thanks for sharing the information. This app is good ,but LEO Privacy is much better with many cool features. It is a very useful app lock to me. It provides me app lock so that I can secure my personal details from others. It provides hiding pictures option so that I can hide my pics/videos. https://goo.gl/BCKwGq

Posted by:

Dave J
18 May 2017

The tracking ability has saved quite a few lives in the last few years. For instance the CAP's cell phone tracking team has "assisted" in the rescue of numerous lost persons and folks involved in survivable aircraft crashes by directing rescue teams to the close location of the victims. They primarily use the triangulation method but if the GPS transponder is working that's an even better "locator" of one who needs help.

There's more reader feedback... See all 27 comments for this article.

Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter

Copyright © 2005 - Bob Rankin - All Rights Reserved
About Us     Privacy Policy     RSS/XML

Article information: AskBobRankin -- [HACKED] Is Someone Listening to Your Calls? (Posted: 19 Apr 2016)
Source: https://askbobrankin.com/hacked_is_someone_listening_to_your_calls.html
Copyright © 2005 - Bob Rankin - All Rights Reserved