Tuesday, April 19, 2016

About that 60 Minutes iPhone hack

While it might have made for good TV, it's not a common threat scenario:
America's flagship news program 60 Minutes has demonstrated how to "hack" a US congressman's smartphone. One little thing to bear in mind about this incredible scoop: the vulnerability has been in circulation since 2014 ... and it requires high-level access to global phone networks.   
John Marinho, vice president of cybersecurity and technology at cell network group the CTIA, said: "While we are aware of the research hackers’ manipulation to exploit SS7 technology in the international wireless networks, it’s important to note that they were given extraordinary access to a German operator’s network. 
"That is the equivalent of giving a thief the keys to your house; that is not representative of how US wireless operators secure and protect their networks". 
So, is this possible?  Yes - and not just for iPhones (Android is also vulnerable).  Is it likely?  Not a bit.  You either need the connivance of the carrier or the carrier's network has to be really badly pwned by the Black Hats.  In either of these cases it's not at all clear how secure your phone would be.


Ted said...

That and the fact that 60 minutes provided the phone to the congress criter in the first place. Who knows what they did to it before they gave it to him.

Anonymous said...

"Is it likely? Not a bit."

Nice wordplay, sir. ;-)