60 Minutes feature scares people on mobile hacks


60 Minutes ran a piece on mobile phone hacking. A lot of it seems sensationalism, but might have some interesting bits.

The lead item on the SS7 telecom system seems suspect. Essentially they demonstrate how someone could listen in on your phone calls and SMS messages knowing only your phone number. SS7 is very old standard (think 1970's) and probably not designed itself to be a secure protocol. The systems, however, running SS7 are secured. I think to do what they're doing you'd need to access the telecom system. So, yeah, once your in that door you've got access to the system. Same deal it seems with location data that was presented. The group profiled was granted access to SS7 by several international carriers so they could do security research. This is a key piece as to how they were able to do what they did. That's not to say others can't do this, it just may not be as easy as depicted since the demonstration involved permitted access.

One part I thought was particularly inserting, however, was when apparently driving by certain government installations devices were probed. I'd wonder if this was use of Stingray-like cell devices or some other means.