Congressman calls for probe of longstanding mobile security flaw
The SS7 vulnerability has been known about for nearly two years.
It's no secret that Signaling System 7 -- a set of crucial protocols that define how phone calls, messages and data are routed through networks -- is flawed. Thanks to a recent report by 60 Minutes, though, at least one member of Congress was spooked enough to try and do something about it. According to The Daily Dot, Rep. Ted Lieu (D-CA) is now calling for a full investigation into the flaw that let a well-known security researcher track his movement through Los Angeles and record his phone calls without his knowledge.
"The applications for this vulnerability are seemingly limitless, from criminals monitoring individual targets to foreign entities conducting economic espionage on American companies to nation states monitoring US government officials," Lieu wrote in a letter to the chairman and ranking member of the House Committee on Oversight and Government Reform. Curiously, Lieu didn't raise the possibility of governments quietly eavesdropping on its own citizens -- maybe that was already a given.
In case you missed it, Lieu was given an off-the-shelf iPhone by the 60 Minutes crew, and then proceeded to use it for work calls... with the express understanding that it might be hacked. Not long after, Security Research Labs' Karsten Nohl -- who brought the SS7 flaw to prominence about two years ago -- was able to access the congressman's privileged information. Lieu was right to have been concerned: because the SS7 protocols dictate how networks deal with routing text messages, roaming and more, the flaw can leave phones open to snooping regardless of what operating system they run. For now, the only real way to keep your dispatches safe is to use apps -- like Signal and now WhatsApp -- that encrypt your communications end-to-end.
