Hackers need only your cell number to eavesdrop on your phone

[RV_]

It is a big item in the news today, security hacks done with videos of hackers watching from a turned off cell phone's camera with no indication or lights to tell it is being used remotely. How? For anyone who can use the bandwidth to watch the video replay of the 60 Minutes segment, it is a chilling wake up call. However the human element is explained and you can learn from it a lot you can do for your security. This applies to iPhones, Android, and Windows mobiles. The video does not come on automatically so the article can still be read by those with very limited bandwidth. They show it being done, easily, and how. 90% of it you can avoid happening to you because of yourself. Easy once you know. If the excerpt seems daunting technically, try to get to where you can watch the video which is very non technical and shocking.

 

Excerpt:

 

"A security flaw in the cell exchange system can let hackers listen in on your phone calls. But while federal agencies have done little to fix the flaw, intelligence agencies are said to be still exploiting it.

 

It's one of the most personal ten-digit numbers in your life, but that's all a hacker needs to listen in on your phone calls, read your text messages, and track your location.

 

A new report by sister-site CBS News' "60 Minutes," broadcast Sunday evening after two years in the making, shows how millions of smartphones users are vulnerable to eavesdropping and surveillance -- despite advancements in protections on most phones.

 

It's done by exploiting a flaw in Signaling System No. 7 (SS7), a little-known but crucial system that brokers information between phone networks. SS7 handles that translation every time you send a text or make a call.

 

By targeting SS7, an attacker can see almost everything that passes through the system.

 

German security researcher Karsten Nohl, who revealed the flaw more than two years ago at a hacker gathering in Hamburg, said the flaw still exists. The Federal Communications Commission (FCC), which regulates the cellular space, is said to have done nothing since it first begun looking into the flaw.

 

To prove a point, they hacked a congressman's phone -- albeit with his permission.

 

"They could hear any call," said Rep. Ted Lieu (D-CA, 33rd), a privacy advocate, "It could be stock trades... it could be calls with a bank."

 

The whole article with the startling 13 minute video of phones being hacked even watching through the phone without the knowledge of the owner is here: http://www.zdnet.com/article/how-hackers-can-listen-in-on-your-calls-and-read-your-texts/?tag=nl.e589&s_cid=e589&ttag=e589&ftag=TREc64629f

[hemsteadc]

I suppose.. but this is like getting warnings that airplanes crash. Yet we fly anyway.

[Kirk W]

...........................

[RV_]

[jjwicklund]

Most of the calls I receive are telemarketers, the ones I make are calls to Sandi to find her in Walmart neither of which are extremely interesting.

[RV_]

jj,

Some folks use their phones for payments and online banking. Others don't. If you watched the videos, it isn't just listening in, they can intercept keystrokes and retrieve data. 60 Minutes did a good job reporting on it.

 

We do a lot of online buying and selling, and all of our banking. But that's at home on our desktops with some extra security. We don't trust our phones to be secure enough to put our bank and credit card credentials on them either. Some do.

[colddog15]

Old news -- just took awhile for 60 Minutes/CBS find out. In fact this was covered (brought to the public attention) years ago in a various hacker groups.

 

Frankly no one is safe from a state actor ie government. But using a cell phone is no more safe or unsafe then using wifi connections at home.

[RV_]

Guys I am a tech. Of course we knew but right now the attacks for androids and iPhones are increasing. And years ago when we knew this, we did not have folks who did banking and check deposits with them.

 

I post here for the non tech types and not the techs or really techy types so if all you have to say is you knew it sooner no points. If you want to establish your creds here start threads to help the members who aren't computer savvy as you to help. Please do share your knowledge. Meh, that's old info helps no one.

 

I look forward to your posts here.

[jerryneal]

There were two different hacks in the CBS report. One was from opening a file from an email. Oldest hacker trick around. I don't open any email attachments unless I'm expecting the information from the sender. I was a large infrustructure telecommunications engineer for 30 years. The SS7 network is extremely secure. From the CBS report, the security firm was given access to the network in conjunction with the German government and their nation telecom for testing purposes. Best guess is the only one using the SS7 flaw are those 3 letter agencies we are constantly reading about. Bottom line, don't say it if you don't want it heard and don't type it if you don't want it read.

[Pappy Yokum]

Guys I am a tech. Of course we knew but right now the attacks for androids and iPhones are increasing. And years ago when we knew this, we did not have folks who did banking and check deposits with them.

 

I post here for the non tech types and not the techs or really techy types so if all you have to say is you knew it sooner no points. If you want to establish your creds here start threads to help the members who aren't computer savvy as you to help. Please do share your knowledge. Meh, that's old info helps no one.

 

I look forward to your posts here.

 

 

How did we evvvver survive without cell phones??

 

How were banks able to avoid failure - before cell phone transactions??

 

Couldn't figure out why a vehicle was making herky jerky maneuvers in a shopping center parking lot today.

 

Turns out the gal driving (no offense ladies) was juggling her triple late in one hand, holding her cell phone to her ear

with the other.

She obviously had more on her mind than being hacked, LOL!

 

(me too!)

 

.