Researchers Discover SS7 Flaw, Allowing Total Access To Any Cell Phone, Anywhere
krakman writes: Researchers discovered security flaws in SS7 that allow listening to private phone calls and intercepting text messages on a potentially massive scale – even when cellular networks are using the most advanced encryption now available. The flaws, to be reported at a hacker conference in Hamburg this month, are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can repurpose for surveillance because of the lax security on the network. It is thought that these flaws were used for bugging German Chancellor Angela Merkel's phone.
Those skilled at the housekeeping functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption (Google translation of German original). There is also potential to defraud users and cellular carriers by using SS7 functions, the researchers say. This is another result of security being considered only after the fact, as opposed to being part of the initial design.
How naive... (Score:4, Insightful)
"Flaw"? Is anyone really that ignorant these days? This is not a bug, it's by design.
Re:How naive... (Score:4, Interesting)
Yes, flaw. SS7 dates back to the late 70s, and has roots all the way back in the early 60s. Nobody encrypted anything back then, it was a miracle it worked at all.
So, clearly SS8 (or whatever) needs to take this into consideration, but...
eh, sonny, back in the day... (Score:4, Informative)
I tripped over the ruts from the SS7 bandwagon over a decade ago. Back then, you had to be in the CO and on the terminal of the Stratum server to spy on SS7 traffic. The ability to scoop up the slop in a bucket came later.
Re: (Score:2)
I'd post a picture, but I'm not going to slash my own server. :-)
Ours was connected to the company LAN -- so you could telnet to it. It originally lived next to the HVAC in the room with the LD switch (Alcatel 600e.) In the Grand NOC Redesign of 2001(TM), it was moved to the desks in the NOC which moved to the CO.
Comment removed (Score:5, Insightful)
Re: (Score:2)
The issue is the amount of blind trust still in the system to this day. Even in the Mitnick hacking era of the early 90's, the system needed to be modernized. Security through obscurity doesn't work. "Lack of physical access" isn't a sufficient barrier. (and really never was. How many telcos had (still have) dialup modems on rcv and tlws ports, with little or no authentication? The telco I worked for did for over two decades -- to everything not just the 5ESS's, before moving them to terminal servers on the
Re: (Score:2)
Re: (Score:1)
Yeah sure... (Score:2, Insightful)
The only flaw I see in this is that someone discovered the intentional backdoor. This was not unintentional by any means.
SS7 was an intentional feature (Score:4, Informative)
SS7 stands for Signalling System No. 7
The SS7 protocol enables the cellphone network to identify a certain user, no matter where that particular user turns up.
Best pick up one of these (Score:1)
Re:Best pick up one of these (Score:4, Informative)
The only defense is using encrypted calls and encrypted text messages.
Re: (Score:1)
The only defense is using encrypted calls and encrypted text messages.
You sent that message in plaintext, you insensitive clod!
Re: (Score:2)
With the right key and cipher, it could be an encrypted message to pick up milk and eggs on the way home from the store.
Re: (Score:3, Interesting)
The obvious solution is just have the handsets negotiate. There is absolutely no "good" reason call setup between two cellular handsets (or any other digital endpoint for that matter) should not feature some kind of certificate validation step between the end points followed by the exchange of uniquely per call generated symmetric key exchanged securely using the same PKI used to validate the certificate authenticity. Essentially SSL for phone calls.
People could use third party CAs like they do for the web
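The exchange sketched in the comment above, as an added example written for this page (it is not code from the thread or from any shipped phone stack): each handset carries a long-term Ed25519 identity key standing in for its certificate, signs a fresh per-call P-256 ephemeral key with it, checks the peer's identity key against a pin store (trust on first use, or keys exchanged in person) before trusting the signature, and then derives a per-call symmetric key by ECDH over both signed offers. The number format, the choice of curves, the HKDF label and the absence of any CA chain (pins only, so strangers would still need a third party) are assumptions of the example; encrypting the audio with the resulting key is not shown.

```go
package main

import (
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

var (
	curve           = elliptic.P256()
	ErrBadSignature = errors.New("ephemeral key not signed by the presented identity key")
	ErrKeyChanged   = errors.New("peer identity key differs from the pinned fingerprint")
)

// Handset: a long-term Ed25519 identity key (standing in for the user's certificate)
// and a pin store of peer fingerprints, filled on first contact or by exchanging keys in person.
type Handset struct {
	Number string
	idPriv ed25519.PrivateKey
	IDPub  ed25519.PublicKey
	Pins   map[string]string // peer number -> hex SHA-256 of identity key
}

func NewHandset(number string) *Handset {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil { panic(err) }
	return &Handset{Number: number, idPriv: priv, IDPub: pub, Pins: map[string]string{}}
}

func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// Offer is the call-setup message: caller number, identity key, a fresh ephemeral
// P-256 point, and an identity-key signature binding all three together.
type Offer struct {
	Number string
	IDPub  ed25519.PublicKey
	Eph    []byte // uncompressed P-256 point, 65 bytes
	Sig    []byte
}

func (o Offer) signedBytes() []byte { return append([]byte(o.Number+"|"), o.Eph...) }

// StartCall generates a per-call ephemeral key and signs it with the identity key.
// The returned private scalar is kept until the peer's Offer arrives.
func (h *Handset) StartCall() (Offer, []byte) {
	ephPriv, x, y, err := elliptic.GenerateKey(curve, rand.Reader)
	if err != nil { panic(err) }
	o := Offer{Number: h.Number, IDPub: h.IDPub, Eph: elliptic.Marshal(curve, x, y)}
	o.Sig = ed25519.Sign(h.idPriv, o.signedBytes())
	return o, ephPriv
}

// Accept checks the peer's identity key against the pin store, verifies the signature
// on its ephemeral key, and returns the 32-byte per-call key derived from ECDH over
// both offers. A changed identity key or a bad signature aborts setup before any key is derived.
func (h *Handset) Accept(mine Offer, ephPriv []byte, peer Offer) ([]byte, error) {
	fp := Fingerprint(peer.IDPub)
	if pinned, ok := h.Pins[peer.Number]; ok && pinned != fp {
		return nil, ErrKeyChanged
	}
	if !ed25519.Verify(peer.IDPub, peer.signedBytes(), peer.Sig) {
		return nil, ErrBadSignature
	}
	h.Pins[peer.Number] = fp // first contact: trust on first use
	px, py := elliptic.Unmarshal(curve, peer.Eph)
	if px == nil {
		return nil, errors.New("malformed ephemeral point")
	}
	sx, _ := curve.ScalarMult(px, py, ephPriv)
	first, second := mine, peer // both ends hash the offers in the same order
	if first.Number > second.Number {
		first, second = second, first
	}
	return hkdfSHA256(sx.Bytes(), append(first.signedBytes(), second.signedBytes()...)), nil
}

// hkdfSHA256 is HKDF (RFC 5869) extract plus a single expand block, built on HMAC.
func hkdfSHA256(ikm, salt []byte) []byte {
	ext := hmac.New(sha256.New, salt)
	ext.Write(ikm)
	exp := hmac.New(sha256.New, ext.Sum(nil))
	exp.Write([]byte("call-key\x01")) // assumed info label for this example
	return exp.Sum(nil)
}

func main() {
	a, b := NewHandset("+15550001"), NewHandset("+15550002")
	offA, privA := a.StartCall()
	offB, privB := b.StartCall()
	ka, _ := a.Accept(offA, privA, offB)
	kb, _ := b.Accept(offB, privB, offA)
	fmt.Println("keys match:", hex.EncodeToString(ka) == hex.EncodeToString(kb))
}
```

The pin check runs before signature verification on purpose: a second handset presenting the same number with a new identity key is rejected as a changed pin even if its own signature is valid, which is the "thumbprints are not changing" check, and nothing downstream of a failed check ever sees key material.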
Re: (Score:2)
I did not give them a back door either. You can check that the thumbprints of the certs are not changing, or not trust any third-party CAs, if that is what YOU want to do under my scheme. For most folks that won't be practical; we will want to be able to call people and organizations with whom we have never been in a position to safely exchange keys, so just like on the web we will have to trust some third parties.
By making it easy to exchange certs directly with people you do meet in person you remove the CA chain f
Re: (Score:2)
[1] Do you have a better technical solution?
[2] Does your solution work without requiring the carriers to spend billions radically altering/upgrading their infrastructure?
[3] Can your proposal somehow conceal which endpoints calls are between?
[4] Can your proposal somehow conceal the duration of the call, beyond padding it out for some additional period?
[5] Can your solution easily inter-operate with existing endpoints?
1. Yes.
2. Yes.
3. Limited, but your solution is a no.
4. No.
5. Yes.
The solution you proposed requires the underlying transit layer. In this case, it appears that you are suggesting to use the established voice call to do the further exchange over that. I think that's a little silly since there are better transports available on virtually all phones that your solution is targeting (IE: IP).
If you want your proposed solution, then use an app that does encrypted voip. The IP part can be used to further protect yo
Re: (Score:2)
The protocol needs to start over clear voice, but then you do the equivalent of "STARTTLS" and see if the remote end answers. If it does you disable squelch and start applying the cipher to the payload in the audio packets as you build them, leaving the container format in place, headers, sync bytes etc.
As far as the network is concerned it will still look like parametrized g.729 audio to the network. It will just decode as noise unless you possess the cipher. Which will be much more economical for most
Re: (Score:2)
Ok, so I was completely accurate in my depiction of what you are proposing:
It should be possible to do something similar using the voice layer, but then #1 is worse, and the call route can easily be moved around anywhere, and it'd be packetized voice, encrypted, then turned analog, then going over voice, which goes over a digital network for parts of the transit, and unwraps again on the other side, with nearly all the same drawbacks as the existing system.
What's the point? I'm stretching here, but I can only think of two benefits to sending the packetized and encrypted voice data over the existing voice network:
1. You could still use a POTS line if you plugged in a handset that had the ability to speak that language (ie. you have to buy new handsets or a house-wide filter)
2. On the cell network, it could still work when you lose data (3g/4g/roaming/etc) but happen to still have enough
LOL. (Score:1, Interesting)
Re:LOL. (Score:5, Insightful)
SS7 dates to the '70s. Pretty much no communications protocols intended for general use were designed with even the thought of security at the time. The number of players in the game was small enough that any bad behavior could be rooted out fairly easily.
Look at email for the same basic problem, it was designed with the assumption that the parties involved could be trusted because on the networks it was designed for that was generally the case. Over time the trustworthiness of the network was degraded for reasons both good and bad, but the common protocols had already been established by then and it's a long road to change.
I won't argue that there probably has been some "influence" on decisions about adopting more secure replacements, but it's a bit tinfoil hattish to claim that the protocols themselves were intentionally made insecure when it's well documented that most protocols from that era just weren't designed to try to be secure in the first place.
Re: (Score:2)
Re: (Score:2)
Also, computing technology was large, slow, power hungry, and expensive. Cryptography was primitive due to the lack of CPU processing to handle the complex math, and doing it in hardware was another exercise in expensive. Any considerations for security would've quickly been dismissed as a) unnecessary, and b) prohibitively expensive.
Why haven't "we" updated the system? Because there's an immense amount of "legacy" gear still running the PSTN to this day. The AT&T 5ESS local switch I walked past several ti
Hardware Security (Score:5, Informative)
SS7 pre-dates the modern processing explosion. Early systems were stretching their embedded 386 just to handle the protocol messages. Any additional security would have made the systems pretty much impractical for another few years.
As a result, it was designed around physical security of the signalling lines, and that is pretty much the way it has stayed. Only certified equipment gets connected to core equipment. Foreign equipment goes through an SS7 gateway (really a firewall of sorts). Encrypted tunnels are used for connecting SS7 networks over insecure channels.
So basically your calls are as good as the physical security of the core switches. Which is generally pretty good. And if you have physical access to the core switches, then there are probably many other ways you could listen in anyway.
Re:Hardware Security (Score:5, Interesting)
yea, I've been laughing about this story... If this scares you, never look up how landlines work, that'd terrify you. lol
You could take pretty much any speaker you wanted to, run a jumper to the switch and listen to any phone call you wanted. ANYONE in your neighborhood can walk over to any one of the hundreds of pedestals in your neighborhood and do the same. If you really want to get fancy you can go get a butt set off Amazon for $10 and dial out too. And all that's before we get to someone with switch access... they can issue commands to link your call to another number so they can listen in, etc...
You've absolutely no privacy on a land-line phone call.
Re:Hardware Security (Score:5, Insightful)
Re: (Score:2)
Except with the land line, someone has to go find your physical wire pair and connect to it. This is a software hack.
No they don't. ;-)
The switch has a modem that you can dial into... and yes, they are still connected and used a lot.
The call can be rerouted to any number on the planet.
Some switches only have 1 login that's shared by all the programmers
Remember, this hardware's from the 60's, 70s, 80s...
Comment removed (Score:5, Interesting)
Re: (Score:1)
Funny. The phones of that era (70s/80s) were mechanical. The handset speaker/mic weren't physically connected until the handset was lifted -- the phone went "off hook". The ringer was a solenoid, swing arm, and one or two bells -- so the ringer was useless as a "listening device". Until the advent of digital (speaker) phones, these sorts of line seizing hacks were of very little value. Even the early electronic touch-tone phones of the 80s had no speaker/mic connected until the handset was lifted.
Re: (Score:3)
Re: (Score:1)
Ah, it's a hardware "bug" that has to be placed in the phone -- as that's where most interesting conversations will happen. It can technically be attached to the phone line anywhere. Putting it in the phone means it'll obviously have access to the line, will go wherever the phone goes, and will be in the vicinity of most conversations. It can then be activated by a special incoming call that it answers before any ring is generated (or without a ring being signalled at all).
This is in contrast to what I
Re: (Score:2)
You could take pretty much any speaker you wanted to, run a jumper to the switch and listen to any phone call you wanted.
Back in the day I had a friend who worked for a phone company. As a part of their QC they had a speaker in their office that was connected to various random landlines in order to keep a check on call quality. (In hindsight the choice of lines is a bit suspect)
He told me a story of one call they heard, about the mother of little johnny calling up a phone sex line (but not knowing it was one) and wanting to know what all these charges were for. The phone sex worker tried to sidestep the issue by saying tha
Re:Hardware Security (Score:4, Interesting)
Your friend is most likely lying. The phones in the switch (specifically for QC) would only hear one side of the conversation. If you hear both sides, there was an echo issue (and the conversation wouldn't continue between the two parties).
If the speaker was connected to a local loop, then it would hear both sides. (While I agree it should not have been connected to a local loop, I would not be surprised if (occasionally) it was.)
Phones designed for use with traditional land lines have echo-suppression circuits. As do the equipment at the switching office. This was done to avoid the cost of a third wire and because using either earth or electrical ground was too noisy.
An old design: http://www.epanorama.net/circu... [epanorama.net]
A somewhat modern design: http://www.epanorama.net/circu... [epanorama.net]
Also, very early telephone designs did not have echo suppression. I have one that one of my grandmothers bought at an auction (a certificate of legal sale was included with the phone). In theory, it is compatible with the current land line system, though I have never tried it. It is very similar to this: http://oldphoneman.com/images/... [oldphoneman.com]
Re: (Score:2)
Re: (Score:3)
Where do you live that you don't get any rain?
Re: (Score:2)
Re: (Score:2)
I'm glad my pedestal is in my back yard. Probably not comforting for my neighbors that the fence blocks their view of it. At least it's not near the road where a kid taking a leak on it would cause static on the line. I feel sorry for the tech that had to troubleshoot that one.
Anyone can tap your call from any point in the route between you and the CO. Someone could be half a mile away and still do it.
Though, if the plant's been modernized, it's probably MUX'd (turned digital) before you hit 30,000 feet.
Re: (Score:3)
Even the phone company used to do it wrong.
Before I left for college in '85, we had a second phone line (which basically became my line). When I went away, my parents got it disconnected. When I came home the first summer I didn't know it was disconnected. I connected my phone back to the jack and sure enough, had a dialtone.
I made calls for several weeks until my friends kept complaining that my number didn't work, said it was disconnected. I called Ma Bell and found out it was disconnected!
The line f
Re: (Score:3)
That's a soft disconnect.
They deleted your number in the switch software but didn't physically disconnect the wire.
It happens all the time, and, in fact, is required by law in some areas.
Some counties require the phone company to have a working phone with 911 access in every home, even if it's abandoned. So they have to send techs out with police escorts to install phones, just in case some hobos move in and have an emergency.
Re: (Score:2)
ooo... and I should add...
Soft disconnects are done frequently for people that plan to reconnect the phone.
"I'll be in Florida for the winter but I want my number back when I get back!"
The phone company charges you a small fee to hold the number; they disco the number in the switch so it doesn't lead to the line, but they don't physically disconnect the line because that would involve work and they'd just have to reconnect it later anyway. So when you get back home they just reprogram the number and voila.
Re: (Score:2)
No, they cancelled the line. I had a change in my financial aid and ended up living at home for another year. When I found that out I actually did get the extra line again but I couldn't get the old phone number, I had to get another phone number.
Re: (Score:2)
SS7 pre-dates the modern processing explosion. Early systems were stretching their embedded 386 just to handle the protocol messages.
Your point is absolutely correct, however, I'm pretty sure the first SS7 implementations ran on 3B20s.
Re: (Score:2)
THIS!
It's the same way that the initial solution to people MFing was to put a 2600 Hz notch filter on POTS lines. Then they moved signaling out of band except for the last mile. They assumed that was problem solved since trunks were protected with physical security.
They simply didn't anticipate a day when most of the population had a cellphone and a computer more powerful than their switch and where software defined radio was an actual thing that an individual could make or buy.
Voip Providers don't get direct SS7 (Score:2)
ILECs and CLECs don't trust other entities to route good SS7 commands. The gateway to the actual SS7 network is set up to filter most SS7 commands beyond the bare minimum needed to complete a call. I've seen an unrestricted SS7 console in action at an ILEC and you can do all sorts of things to trace out calls, listen in and pull billing and address information. It's pretty slick, but they are very selective about who gets access.
Re: (Score:3)
Re: (Score:1)
"Early systems were stretching their embedded 386 just to handle the protocol messages."
SS7 existed before the 8088 was a twinkle in Intel's eye, let alone "386s"
FWIW it wasn't blue boxes or Captain Crunch that drove SS7 - it existed before all that stuff happened.
The driver for SS7 was digitisation of the phone system, which started in the early 1960s. Having worked on analog transmission and multiplexing systems, with their hundreds of thousands of exquisitely tuned quartz crystal blocks and experienced th
Just remember (Score:1)
This bit
record hundreds of encrypted calls and texts at a time for later decryption
And that it probably applies to any encryption offered up to consumers from Google, Apple, and Microsoft, etc.
If they haven't already added a master key to their encryption, the ability to decrypt easily through a "flaw" or "weakness" would allow deniability though.
Unlocked door w/ sign "Authorized Personnel Only" (Score:5, Interesting)
Intercepting encrypted communications! OMG! (Score:3, Insightful)
Uh.. the whole point of transport layer encryption is that you assume an attacker can record your communication and the encryption prevents the attacker from figuring out the real contents of the communication.
If you know for a fact that no unauthorized party can actually tap to your communication channel.. you don't even have to bother with the encryption in the first place.
The rest of the issue is due to the fact that the SS7 protocol is a byzantinely complex and very very old standard going way WAY back before data security was taken into account.
For all the people saying this is some intentional backdoor... if the NSA really were that smart to sneak this into a design-by-committee standard where hundreds of engineers spent years niggling over details, then you might as well give up now because you just said they are smart enough to insert backdoors into the Linux kernel or any other complex open source project too and they'll get away with it for decades before they get caught.
Re: (Score:2, Insightful)
For all the people saying this is some intentional backdoor... if the NSA really were that smart to sneak this into a design-by-committee standard where hundreds of engineers spent years niggling over details, then you might as well give up now because you just said they are smart enough to insert backdoors into the Linux kernel or any other complex open source project too and they'll get away with it for decades before they get caught.
NIST standards aren't design-by-committee standards with hundreds of engineers niggling for years over details? Your naïveté is pretty cute.
Re: (Score:2)
Since you assign God-like powers to the NSA, give up now because nothing is secure. They slice through any encryption with a pocket calculator. They've kidnapped you and implanted mind-recording devices in your head and then wiped your memory! You live in an episode of the Prisoner but without the trippy 60's music!
Re: (Score:2)
Since you assign God-like powers to the NSA, give up now because nothing is secure.
Subverting standards and products is not having a God-like power. It's well within the means of a nation-state agency with an unlimited black budget. Their own documents even prove this.
Re:Intercepting encrypted communications! OMG! (Score:5, Insightful)
This isn't even about a subversion of standards. It's kind of required for cell phones to work that the towers are able to identify your handset and route your calls and messages. This isn't an OTA exploit. You still have to have physical access to the switch and credentials.
OMG guys! I've discovered a terrible, awful vulnerability in Linux!!! If somebody has your root password, they can, with a few keystrokes, have total access to your computer! They can read all your files, change them, delete them, anything! We're doomed!
No, the problem with government surveillance is a political one, not a technological one. As long as they have the authority to hook their boxes into the communications lines, nothing can ever be secure. Somebody has to have root access to the system for the system to work and be maintainable.
I work at a hospital, and I have root access to the database. ZOMG your medical records aren't secure! Somebody sitting at the server with the root password can see everything! Ummmm no, your records are fine. I have to have access to the database to do my job. But we have a political system including an internal review board and threats of felony criminal prosecution if I were to do anything to violate your privacy. Also I'm not a dick. The solution to government surveillance is a political one. We need people who aren't dicks and rules that put them in jail if they intercept your calls.
Re: (Score:1)
Can we agree that the problem is that even if the people with access aren't dicks right now that they might become dicks in the future. It only takes one person evading your dick filter for a while to hire some other like-minded dicks and dick everyone over. There's also a pretty convincing thesis [prisonexp.org] that ordinary people with power** are at unique risk to become dicks.
(Also, I'm not saying you're a dick. Just to be clear.)
** One could
Re: (Score:2)
Sure, which is why there has to be dicks who watch dicks. Kind of like the checks and balances that are supposed to exist in our government. Except they don't.
Re: (Score:2)
Is that you number 6?
Re: (Score:1)
A couple of anecdotes:
The NSA's input into the original DES password crypto stuff bears looking at. They managed to prevent a whole block of cyphers being used in the 1970s and it wasn't until the late 1990s that civilian researchers found out how broken that particular set was.
In that case the NSA was _shoring up_ crypto, not breaking it down.
Back in the late 1990s, I needed to explain how public key crypto (pgp-style) worked to one of my elderly customers.
His response: "Oh ok. We were using that stuff in
Re: (Score:1)
In that case, give up: They own your Linux kernel and you don't even know it. You might as well go with a closed-source backdoored solution since maybe they have a harder time patching it so the backdoor is less reliable.
If the NSA can sneak in with some nearly undetectable hack to the SS7 protocol 20 years before cellphones even become widespread, you stand absolutely no chance of securing a complex open source project where code commits happen fast & loose.
Hell, the legitimate kernel developers who kn
That doesn't sound like total access... (Score:2)
If they can only listen to phone calls and view text messages. That's like saying someone has "total access" to your machine because they installed a keylogger. Is it dangerous and invasive? Yes. But it's not "total access", if they can't actually *control* anything...
Another issue? (Score:2)
Stupidity is abundant these days (Score:5, Informative)
If I break into your house, and then walk into your main hallway, and then say, "There is a security flaw in your home! From this point in your hallway I can listen to any room, or walk down freely into any room." As you're looking at your front door splintered from the battering ram I hit it with to get in, would you call it a "hack," a flaw or something to be concerned about how your hallway(s) go through your house? No, you'd say, "The hallway is fine, I need a stronger front door. BTW, the Glock I'm holding is loaded."
When I start to read, "SS7 was designed in the 80s," I already know I'm dealing with a mental midget. Actually, SS7 began due to the first ever hackers. Remember 2600? As in, 2600 Hz was the signaling frequency for a landline switch. Throw that tone, and you could make calls (for free if it was a payphone). Hence, telecoms came up with an idea to do out of band signaling, which eventually became SS7. So, saying you can "hack" SS7 is very misleading because all SS7 does is coordinate call set up. That "ringing" you hear as you wait for the far, distant switch to reply that the called line is available, is a "comfort tone," as SS7 does its work. Besides cutting down on fraud, SS7 keeps circuits available, because if the called number is busy, or unavailable, there's no point in setting up a line between your local switch and the switch at the far end.
In the deepest bowels of a switching office, usually near the back, you'll see SS7 racks. These connect from and between local, long-distance and other switches. It's what you'd call a "Back Office" network, similar to the network used by the telecoms to manage the servers your traffic goes across but you'll never touch. Such as 3G data going through PCF after it's left the mobile switch, and before it hits an internet backbone ATM. So in simple terms, you'd have to break in, figure out the network, and then figure out a 2nd break in to get to the SS7, and then you'd be in a very small part of the network.
Honestly, if you're going to be doing that much effort, you're NOT going after SS7. Just hack the 3-letter agencies or other LEO server for court-approved wiretapping that is hanging off the switching network and you're in anything, everything, anywhere.
ss7 usage (Score:1)
You might think "meh, ss7, old protocol not in use much", but... a huge number of voice and network transit products use SS7 signalling, and pretty much all the big players in trunk and voice kit have ss7 modules or compatibility mode built right in.
The syntax is pretty odd. I've had a play, and generating it on the fly was difficult, but we could log in and do some basic manipulation of configs etc. We had no documentation, but I was sure there was other funky stuff hiding there, but ultimately managemen
An SS7 coder writes... (Score:3)
Really, the issue here is with MAP (an add-on to SS7 to support mobiles). The explosion of mobile means SS7 is no longer just the playing field for national carriers - mobile-only operators came to the party (still all $xbillion players). Then, smaller countries with some interesting networks came on the scene, and rather naughty SS7 traffic started to appear on the network.
Smarter operators (or at least bigger ones who got their fingers burnt) spent money to install gateways that limit and control their exposure (wouldn't you?). The less clueful/more cash-strapped/networks in less-developed countries remain more exposed.
Anyone interested can search for 'SS7 mobility management'; the code is easy (http://www.informit.com/library/content.aspx?b=Signaling_System_No_7&seqNum=116), the issue is getting access to the network.
Oh, wait, these days SS7 is being routed over IP now (ever wondered what the linux SCTP module (http://lksctp.sourceforge.net/) is actually for?).
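The gateways this comment and the earlier ones describe (VoIP providers only get a filtered SS7 connection, foreign equipment goes through an SS7 gateway that is "really a firewall of sorts", bigger operators installed gateways that limit their exposure) are, at the MAP layer, allow-lists on which operations an external global title may send about a home subscriber. The following is an added example of such a policy written for this page; it is not any operator's or vendor's filter. It assumes the SCCP/TCAP decoding has already happened (transport, whether TDM links or SIGTRAN over SCTP, is out of scope), identifies partner networks by global-title prefix, uses MAP operation codes from 3GPP TS 29.002, and ignores the inbound-roamer direction (foreign subscribers visiting the home network), which needs further rules. The sample traffic in main is constructed.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// MAP operation codes from 3GPP TS 29.002 used by this policy.
const (
	OpUpdateLocation         = 2
	OpSendRoutingInfoForSM   = 45
	OpSendAuthenticationInfo = 56
	OpSendIMSI               = 58
	OpProvideSubscriberInfo  = 70
	OpAnyTimeInterrogation   = 71
)

// Message is a stripped-down view of one inbound MAP operation after the
// SCCP and TCAP layers have been decoded (decoding is not shown here).
type Message struct {
	Opcode    int
	CallingGT string // SCCP calling-party global title, E.164 digits
	IMSI      string
	Received  time.Time
}

type Verdict int

const (
	Drop  Verdict = iota // discard silently
	Allow                // pass to the core network
	Alert                // discard and raise an alarm: legal in isolation, implausible in context
)

func (v Verdict) String() string { return [...]string{"drop", "allow", "alert"}[v] }

type lastUpdate struct{ partner string; at time.Time }

// Gateway is the policy state of an SS7 edge firewall for one home network.
type Gateway struct {
	HomeGTPrefix string                // GT range the home network owns
	Partners     map[string]string     // GT prefix -> roaming/interworking partner
	MinRoamGap   time.Duration         // shortest plausible gap between updates from two partners
	last         map[string]lastUpdate // IMSI -> last accepted updateLocation
}

func NewGateway(homeGTPrefix string, partners map[string]string) *Gateway {
	return &Gateway{HomeGTPrefix: homeGTPrefix, Partners: partners, MinRoamGap: 30 * time.Minute, last: map[string]lastUpdate{}}
}

func (g *Gateway) partnerFor(gt string) (string, bool) {
	for prefix, name := range g.Partners {
		if strings.HasPrefix(gt, prefix) {
			return name, true
		}
	}
	return "", false
}

// Inspect applies the allow-list to a message received on an external link
// and returns the verdict with a reason suitable for logging.
func (g *Gateway) Inspect(m Message) (Verdict, string) {
	if strings.HasPrefix(m.CallingGT, g.HomeGTPrefix) {
		return Drop, "home-network GT arriving from outside (spoofed calling party)"
	}
	partner, known := g.partnerFor(m.CallingGT)
	switch m.Opcode {
	case OpAnyTimeInterrogation, OpProvideSubscriberInfo, OpSendIMSI:
		// Location and identity lookups have no business crossing the network edge.
		return Drop, "intra-network operation from external link"
	case OpSendRoutingInfoForSM, OpSendAuthenticationInfo:
		if !known {
			return Drop, "partner-only operation from unknown GT"
		}
		return Allow, "interworking with " + partner
	case OpUpdateLocation:
		if !known {
			return Drop, "updateLocation from unknown GT"
		}
		// Velocity check: the same IMSI cannot register with a second partner minutes later.
		if prev, ok := g.last[m.IMSI]; ok && prev.partner != partner && m.Received.Sub(prev.at) < g.MinRoamGap {
			return Alert, fmt.Sprintf("IMSI moved from %s to %s in %s", prev.partner, partner, m.Received.Sub(prev.at))
		}
		g.last[m.IMSI] = lastUpdate{partner: partner, at: m.Received}
		return Allow, "roaming with " + partner
	default:
		return Drop, "operation not on the external allow-list"
	}
}

func main() {
	gw := NewGateway("1555", map[string]string{"4477": "UK partner", "4915": "DE partner"})
	m := Message{OpAnyTimeInterrogation, "447712345678", "310150123456789", time.Now()} // constructed
	v, why := gw.Inspect(m)
	fmt.Printf("op=%d from %s: %s (%s)\n", m.Opcode, m.CallingGT, v, why)
}
```

Default deny is the important part: the unrestricted console mentioned above exists because the core accepts every operation from any point code, and a gateway that merely blocks a few "known bad" opcodes leaves the rest open. The velocity check is what catches an updateLocation that is individually legitimate but, given where the subscriber registered a few minutes earlier, can only be an attempt to redirect calls and texts.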
Not a flaw... (Score:1)
An intentional design feature.
Re: (Score:2)
A standard that was just able to keep the press out and users safe but be open to the security services in real time.
Voice, gps, video, images, live mic, plain text, tracking and all the other wiretap friendly methods and standards could be seen with CALEA and what is shipped now.
Italy had the SISMI-Telecom scandal https://en.wikipedia.org/wiki/... [wikipedia.org]
G
Getting old (Score:2)
Too often when I hear of "researchers" discovering "flaws", it turns out all they are doing is demonstrating an obvious result of commonly known properties of a system.
You mean you can just mount that unencrypted drive, change root password, boot up and have full access to everything? Well jolly geeewiz...
The SS7 "flaw" is standard operating procedure for telcos, where the only meaningful form of security has always been adult supervision.
Not much different from what happens when one or more "adults" setting up BGP
Probably a safe bet.... (Score:2)
The problem with SS7 (Score:1)
and the entire planet's phone routing system for that matter.
Is that it explicitly assumes that only those who are trusted have access to the network at that level.
That assumption has been blown apart time and time again.
Hijacked phone ranges were a problem in the 1990s well before the problem of hijacked IP netblocks started being noticed and defended against on the Internet - and they're still a problem which isn't defended against.
SS7 attacks have been around a long time and telcos won't do anything