Cell Phone Privacy; Rankin Article on "Hacking" Your Phone Calls

[Joe]

Bob Rankin has another fine article about "hacking" your cell phone calls. It is based on a news segment aired on the TV news program 60 Minutes, where a "white hat" hacker (Karsten Nohl) gave a US Congressman a cell phone and then, knowing only the cell phone's number, was able to hack into the Congressman's phone conversations, texts, emails, yada yada yada.

Nohl was able to do this by tapping into a flaw in the basic technology used by all cellphone companies.

The flawed system is called “SS7,” which stands for Signaling System No. 7. When cellular traffic moves between networks (Verizon to T-mobile, Sprint to AT&T, etc.), SS7 mediates the exchange, and other technical aspects of trans-network traffic. SS7 has access to every phone number on every carrier. And it's riddled with security holes.

There is little that consumers can do to protect themselves, because SS7 is far beyond their control. Nohl said during the 60 Minutes segment ...

What can you do? Rankin writes:

Over two years ago, I wrote about Silent Circle's Blackphone which offes built-in encryption to protect phone calls and text messages. The downsides are cost and coverage. The Blackphone costs $800 and runs only on GSM networks, which limits you to AT&T or T-Mobile in the U.S.

But there are other options for encryption. “End to end encryption” is offered by the free messaging app WhatsApp, which has over a billion users worldwide. ChatSecure offers apps for iOS and Android that encrypt messages, Web traffic, and more, without tying a user to any particular network.

Using secure web connections (addresses that start with https) for all Webmail and other Web traffic provides the most basic level of encryption protection. Your email provider may or may not keep your email encrypted while it’s stored on the provider’s servers. All email between Gmail users is encrypted while it’s in transit or at rest on Google servers. (If Gmail sends email to another email service provider, that provider may or may not use encryption.)

Rankin also urges you to write to your Congressperson and the FCC demanding that the problems be fixed immediately.

[HACKED] Is Someone Listening to Your Calls?