Hacking Your Phone

[George W. Maschke]

On Sunday, 17 April 2016, CBS 60 Minutes aired a segment titled "Hacking Your Phone" that will be of interest to AntiPolygraph.org readers, and indeed, to anyone who uses a cell phone. The story documents how any cell phone can be remotely monitored owing to critical vulnerabilities in the Signaling System 7 database, which underpins international cellular telephony. For example, a security researcher in Berlin demonstrated how he could trivially monitor anyone's cell phone (so long as he knew its number) by recording a phone conversation between a U.S. congressman and a staffer:

http://www.cbsnews.com/news/60-minutes-hacking-your-phone/

Unfortunately, the story didn't go into what individuals can do to keep their communications private. Here are some solutions I recommend:

1. Install WhatsApp, which is free and available for Android, iPhone, Windows Phone, Blackberry, and Nokia operating systems. As of April 2016, WhatsApp encrypts all texts, photos, recorded audio messages, videos, and voice calls using strong end-to-end encryption. WhatsApp has a huge user base (over one billion), and it's likely that some of your contacts already have it.

In addition, WhatsApp has a very handy web app, which lets you use it on a desktop or notebook computer, so you can write private messages using all ten fingers:

https://web.whatsapp.com

2. Install Open Whisper Systems' free Signal Private Messenger, which is available for Android and iOS. Signal is not as feature rich as WhatsApp and has a smaller user base, but it may do more than WhatsApp to limit metadata (records of who is communicating with whom, when, and how long). AntiPolygraph.org can be contacted via Signal at +12028102105.

3. Install Wire, which is available for Android and iOS as well as for Windows and Macintosh computers. Wire is free and unlike WhatsApp and Signal, it also supports secure video calling. Wire provides for greater anonymity in that your user ID need not be associated with a phone number or e-mail address (although you can choose to associated them so that your contacts can more easily find you). My Wire user ID is "George Maschke" (without the quotation marks).

[fanofthissite]

Just watched it. Amazing. I never heard of Signaling System 7.  Hackers always impressed me, whether for good or bad, hackers are so far ahead of our government.  I would bet on a DefCon hacker winning against some secure FBI or NSA system any day.

[xenonman]

Are landlines still safer, both technologically and legally, from interception?
I know that I represent the Stone Age, but I still much prefer using a landline phone, NOT a "smart" one.  I'm actually so ancient that I can even remember when the term "landline" generally was only known and used by the police!

[George W. Maschke]

Are landlines still safer, both technologically and legally, from interception?

With a warrant, both landlines and cell phones are readily wiretapped, and phone companies will facilitate that. Both landlines and cell phones are also vulnerable to warrantless wiretapping. Cell phones are additionally vulnerable to IMSI-catchers, whereas landlines are not.

The bottom line, however, is that if you want to have a private electronic communication, it needs to be end-to-end encrypted. This is easiest done using computers or smart phones (which are, in essence, computers that also make phone calls).