Why security specialists love to hate cellphone networks
Freedom of the Press Foundation
November 7, 2018
Photo by Mike Mozart. CC BY 2.0
After reading that President Trump’s cellphone calls are allegedly being intercepted by foreign governments, security professionals everywhere screamed internally. In fairness, they were screaming internally before they read the article, too. It’s tough not to, when you know how the systems behind cellphone connectivity work.
When you call your mother, you’re not just calling your mother. You’re calling a nearby cellphone tower that relays your phone calls through cables and switches, to the cellphone tower closest to your mother. Then, dear mother’s phone provider (e.g., AT&T) relays the connection to her.
Threats to press freedom around the world are at an all-time high. Sign up to stay up to date and take action to protect journalists and whistleblowers everywhere.
Thanks for signing up for our newsletter. You are not yet subscribed! Please check your email for a message asking you to confirm your subscription.
Here’s the problem: Along the way, hackers, state actors, and spies have a handful of ways to get access to the location of phones in conversation, or even the content of your conversation. Likewise, they might target metadata — information about the phone call, such as who spoke to whom, when, where, and the length of the call.
Matthew Green, a cryptography professor at Johns Hopkins University, described several weaknesses in popular encryption algorithms designed to protect ordinary phone calls. As he writes, “The encryption flaws… seem pretty significant, and they really are — if you’re a private eavesdropper or a foreign government.”
https://web.archive.org/web/20190330133207/https://twitter.com/SarahJamieLewis/status/1055265196141211649
If you open up your phone and look at your phone’s signal, you may see one of many connection types, including 2G, 3G, 4G, LTE, and others.
Newer standards behind 3G and LTE connections are gradually becoming more well-used in consumer telecommunication infrastructure. While the modern encryption standards are slowly becoming more difficult to break, older 2G connections still plague cellphone security.
Connections over 2G networks are less secure, but because 2G is so widely used, it isn’t going away any time soon. Most modern phones recognize older connection standards that are relatively simple to break, allowing hackers and spies to eavesdrop on calls. And chances are, the phone in your pocket is designed to fall back to a less secure 2G connection as needed.
Our phones are always looking for the strongest connection, and this property is exploited by operators of illegitimate entry points into the cellphone network.
An “IMSI catcher” or cell-site simulator, is a suitcase-sized device broadcasting radio signals to mimic a legitimate cellphone tower. When your phone looks for a connection, the cell-site simulator relays your information to its destination and records the traffic, capturing nearby caller locations, identities, and possibly call content.
The Department of Homeland Security acknowledged cell-site simulators have been detected in the U.S. capital, but says they do not know the types of devices, nor who is operating them.
Cell-site simulators are also increasingly used by law enforcement across the United States. For example, Lucy Parsons Labs, a Chicago-based transparency and digital rights nonprofit, sued for records on the use of cell-site simulators by Chicago police, finding they have been used in the city since at least 2005.
Whether or not these tools are used through an approved legal process, they exploit inadvertent holes in our cellphone infrastructure.
Cellphone infrastructure has more foundational weaknesses.
For over three decades, phone providers have used Signalling System 7 (SS7) as a standard for routing call and data traffic, and is now responsible for delivering most of the world’s phone calls over traditional wired and cellular connections. When the International Telecommunications Union codified the standard in 1980, few telecom providers had access to the system, so the risk of abuse was relatively small. Naturally, they treated SS7 as a trusted system, without control for bad actors.
Any point in the SS7 network can abuse this system of trust to manipulate or eavesdrop on cellphone calls and text messages, gather the location of devices, as well as to disrupt service to phones or entire networks.  And no one could have foreseen the explosion of networks and telecom providers dependent on SS7. Today there are tens of thousands [PDF] of entry points into the SS7 network, each with wide-ranging access.
In 1999, the Third Generation Partnership Project, a consortium of organizations working on telecom standards, warned in a report  [PDF] that SS7 is fundamentally broken. “The problem with the current SS7 system is that messages can be altered, injected or deleted into the global SS7 networks in an uncontrolled manner.”
Nearly two decades later this hasn’t really changed.
In 2008, Tobias Engel demonstrated how to exploit SS7 to locate individual cell phones at the Chaos Communication Congress, a popular hacker conference based in Germany. In 2014 he gave an encore [PDF], demonstrating how to manipulate and track cellphones. It isn’t difficult to get access, he argues. There are several ways to access SS7, for example, using low-powered base stations, sold by companies like AT&T or Verizon for homes and small businesses.
And these are just some of the weaknesses that we know about.
The good news: Securing your voice and text messages is becoming much simpler.
To secure conversations, experts recommend using end-to-end encrypted messaging apps like Signal, developed by a software organization called Open Whisper Systems. These tools appear nearly identical to your default messaging app, while offering robust encryption that is much more difficult for unauthorized third-parties to unscramble. The protocols built for Signal are slowly being adopted by popular services, such as WhatsApp and Facebook Messenger.
One thing Signal does differently than traditional voice calls and text messages: It changes your encryption keys regularly, making it impossible for a network eavesdropper to unscramble previous encrypted messages. But, just like traditional calls and texts, it is not designed to protect metadata — information about conversations, such as who spoke to whom, when, and the length of the conversation.
Cellphone insecurity is part of our lives because, at its core, the wireless ecosystem is dependent on multigenerational technology, both brittle and strong.
To security specialists, cellphone insecurity isn’t unique. It’s just one of many examples of  computing systems that, with the benefit of hindsight, would have been designed differently. And history tells us that, if we don’t develop the ability to anticipate how digital infrastructure will be adopted and abused in the future, we’ll continue to live in doubt with our most remarkable technology.