
Hacking Your Phone - mattee
http://www.cbsnews.com/news/60-minutes-hacking-your-phone/
======
jtokoph
It looks like the demo they do with the reporter leaves out a the part where
the "landing page" for the wifi prompts the user to install a new root
certificate on the device so that his proxy can listen in on all of the
traffic.

This is the smartphone version of fake pirated media that asks you to download
a special desktop "media player" that ends up just being malware. The average
user will just accept whatever prompts they are given for free access to wifi.
Certificate pinning will be much more important once this becomes mainstream.

~~~
anontestuser234
will certificate pinning flag anything if the user installs a new root cert on
their device?

~~~
JonathonW
That depends. I'm not sure what iOS or Android do here, but Chrome (as an
example, since its behavior is well-documented) does _not_ perform pin
validation when the presented certificate chains up to a private trust anchor
(i.e. a user-installed root cert) [1]. This was a deliberate choice on the
part of the Chrome team, to allow this type of MITM (presumably because it's
not uncommon in enterprise environments).

[1] [http://www.chromium.org/Home/chromium-security/security-
faq#...](http://www.chromium.org/Home/chromium-security/security-faq#TOC-How-
does-key-pinning-interact-with-local-proxies-and-filters-)

------
samfisher83
The interesting part of the story is how the NSA knows about this and they
really don't want ss7 to be fixed as they can exploit it.

~~~
Cheyana
Also interesting was the first reason he gave for being angry:

"Rep. Ted Lieu: They could hear any call of pretty much anyone who has a
smartphone. It could be stock trades you want someone to execute."

Yeah, you wouldn't want the public to know about the insider gravy train you
hopped on when you were elected, huh Ted?

------
kijeda
This story appears very similar to one done by the Australian edition of 60
Minutes last year:

[http://www.9jumpin.com.au/show/60minutes/stories/2015/august...](http://www.9jumpin.com.au/show/60minutes/stories/2015/august/phone-
hacking/)

~~~
hellbanner
Ah, good memory.

See also "The news is controlled" \-- anchors from different stations using
the same lines.

[https://www.youtube.com/watch?v=kip2w-DceV0](https://www.youtube.com/watch?v=kip2w-DceV0)

------
wille92
As someone who is unfamiliar with this ss7 vulnerability, does anyone have a
more in-depth technical overview?

~~~
at-fates-hands
This was getting some headlines a few years ago, but most engineers have known
about it for years

[https://www.sans.org/reading-
room/whitepapers/critical/fall-...](https://www.sans.org/reading-
room/whitepapers/critical/fall-ss7--critical-security-controls-help-36225)

------
999999999999
Hungry shark

