From: veritasium
While Signaling System No. 7 (SS7) remains broadly in use today, it may not be as secure as widely believed [00:07:02]. Experts like Karsten Nohl and Alexandre De Oliveira have demonstrated how SS7 vulnerabilities can be exploited to intercept phone calls, steal two-factor passcodes, and track location [00:00:09]. These attacks can be done remotely without touching the target’s phone [00:00:19].
The threats are real and can have devastating consequences [00:22:33]. For example, criminals have used SS7 to intercept SMS two-factor authentication codes and empty millions of dollars from bank accounts [00:24:06].
Individual Protection Measures
While there isn’t much an individual can do about location tracking as long as they have a SIM card [02:09:08], certain steps can enhance personal security against other forms of SS7 attacks:
1. Avoid SMS-Based Two-Factor Authentication
SMS two-factor authentication is almost the default for many accounts, but it is vulnerable to interception via SS7 [02:09:08]. Attackers can trick the network into thinking the target is roaming, rerouting messages to their own Global Title (GT) and allowing them to steal one-time passwords [01:18:19].
- Recommendation: If possible, choose alternatives to SMS-based two-factor authentication so messages cannot be intercepted [02:09:11].
- Alternatives:
- Authenticator Apps: Use an authenticator app (e.g., Google Authenticator, Authy) which generates time-based one-time passwords directly on your device [02:09:18].
- Hardware Tokens: Utilize physical hardware tokens (e.g., YubiKey) for authentication [02:09:20].
2. Use Encrypted Internet-Based Calling Services
SS7 attacks can enable phone tapping, allowing third parties to sit on the line and record calls [01:17:59].
- Recommendation: If worried about phone tapping, use encrypted internet-based calling services [02:09:21].
- Examples: Signal or WhatsApp [02:09:25].
NOTE
Experts indicate that interception attempts are “far less common” compared to tracking attempts, which number in the millions per year [02:25:21]. Targets are generally those of interest to state agencies [02:25:15].
The Broader Context
The reliance on SS7 persists because it forms the backbone of 2G and 3G communications [02:59:01]. While newer protocols introduced with 5G are more secure, a “first mover disadvantage” prevents widespread adoption, creating a tremendous amount of inertia to move on [02:57:50]. It could be another 10 to 20 years until SS7 networks are finally switched off [02:41:41].
Ultimately, the issue of privacy against such intrusions becomes a philosophical question [02:50:32]. Some argue that privacy and the ability to form one’s own thoughts without being observed are prerequisites for democracy [02:50:47], while others might contend “nothing to hide, nothing to fear” [02:50:50].