what is it called when someone glances at your computer to glean information
Nearly |
Nigh security news is about insecurity, hacking and cyber threats, bordering on scary. But when security is done right, information technology'south a beautiful thing...sexy even. Security IS sexy.
Hackers merely need your phone number to overhear on calls, read texts, runway you
threescore Minutes showed how hackers only needed a congressman'southward phone number to record his calls and runway his location. The congressman said people at intelligence agencies, who are aware of the SS7 flaw and abuse it, should be fired.
You might know that if a hacker has aught more than your phone number, then he or she can mind into and record your calls, read your texts, or rail your location, simply does your grandma know information technology? That'south what I liked about a 60 minutes telephone hacking segment; it can accomplish non-security minded audiences who may accept thought such a hack could only happen in movies.
If you lot apply a mobile phone, then you employ Signaling System Seven, or SS7; "Every person with a cellphone needs SS7 to phone call or text each other," threescore Minutes explained. "The SS7 network is the heart of the worldwide mobile phone system. Phone companies utilise SS7 to exchange billing data. Billions of calls and text messages travel through its arteries daily. Information technology is also the network that allows phones to roam."
Security researchers have been alarm about SS7 protocol flaws for years. Granted, most people would not be targeted past this type of assault. Then again, some companies sell "the ability to track your phone number wherever you go with a precision of up to fifty meters" equally researcher Tobias Engel pointed out during the 2014 Chaos Communication Congress presentation "SS7: Locate. Track. Dispense." Karsten Nohl of SRLabs also presented that yr before releasing "SnoopSnitch." You may remember other times when Nohl revealed vulnerabilities which affected millions of phones.
Some people believe the SS7 flaw has never been fixed "considering the location tracking and call bugging capacity has been widely exploited by intelligence services for espionage." Yet if intelligence agencies don't want the flaw fixed because they can abuse it for spying, to glean valuable intel from targets, and so Congressman Ted Lieu said those people should absolutely "exist fired."
Congressman Lieu agreed to utilize an iPhone supplied by 60 Minutes even though he knew information technology would exist hacked. He'south no technical illiterate either; he has a informatics caste from Stanford and serves on the Firm Oversight and Reform Subcommittee on Information technology. The congressman didn't have to autumn for social engineering or accept a text with an attachment; all Nohl and his team needed was the phone number of the iPhone Lieu was using.
Although "some The states carriers are easier to admission through SS7 than others," and the cellular phone trade association told 60 Minutes that "all US cellphone networks were secure," the hackers were able to intercept and record the congressman'south calls, read his texts, view his contacts and track his location even if GPS location services were turned off.
Nohl explained, "Any choices that a congressman could've made, choosing a phone, choosing a pin number, installing or not installing certain apps, have no influence over what we are showing considering this is targeting the mobile network."
When threescore Minutes played a sample of Congressman Lieu'southward recorded conversation back for him, information technology included his colleague proverb, "I sent you some revisions on the letter to the N.S.A., regarding the data collection." Lieu was both angered and creeped out. He said attackers abusing the SS7 vulnerability "could hear any call of pretty much anyone who has a smartphone. Information technology could be stock trades you want someone to execute. It could be calls with a depository financial institution." He has received a call from President Obama earlier when he was using a cellphone and if hackers were using SS7 to mind in, so they would know what was said.
If the SS7 vulnerability has non been stock-still considering information technology is a favorite spying tool for intelligence agencies, then the people enlightened of the flaw should be fired, Lieu said. He added, "You cannot have 300-some million Americans – and really, correct, the global citizenry be at risk of having their telephone conversations intercepted with a known flaw, only considering some intelligence agencies might go some data. That is non adequate."
Ironically, Australia'south hour aired a similar phone hacking segment last yr detailing how the SS7 flaw could allow "remote bugging of whatsoever mobile phone user's calls" and included examples of firms which sell such an ability; 1 example was the US company Verint, which sells SkyLock to "Locate. Track. Manipulate." The US version did not include a like list of companies or go the congressman'southward opinion on those companies.
Nohl explained that there is "no global policing of SS7" and it's up to each mobile network to protect their customers. "And that is hard."
John Hering, cofounder of mobile security firm Sentinel, told threescore Minutes there are only two types of people . . . those who know they've been hacked and those who are unaware they were hacked. "We live in a world where we cannot trust the technology that we utilise."
You can watch the 13-minute video here.
Then when will the vulnerability in SS7 be fixed? It's a question that has been asked for years; beyond false assurances that US networks are secure, all we get in reply are crickets chirping in otherwise silence. If that is because intelligence agencies don't desire it fixed, and so let the firing brainstorm.
Copyright © 2016 IDG Communications, Inc.
hernandezothessonce.blogspot.com
Source: https://www.computerworld.com/article/3058020/hackers-only-need-your-phone-number-to-eavesdrop-on-calls-read-texts-track-you.html
Post a Comment for "what is it called when someone glances at your computer to glean information"