10:24 GMT +323 March 2018
Listen Live
    Dark web

    Man Behind US Congressman's Phone Hack Tells Sputnik How It's Done

    Get short URL
    0 95

    German security researcher Karsten Nohl first demonstrated how easy it was to hack into someone's phone calls, texts and even location, at the 2014 Chaos Communication Congress - the so-called "hacker convention."

    The hack though, which requires nothing more than a telephone number, appears to still be active over a year on, as he demonstrated this week on CBS's '60 Minutes'.

    Speaking to Sputnik from Berlin Tuesday, Nohl explained that that the hack does not allow access to a user's phone per se, rather the mobile network or service provider: 

    "We're not hacking a phone. What we do is we make the phone network expose information about the person who has the phone… We're intruding the privacy of the phone user, independent of what phone they use, without even talking to the phone," Nohl told Sputnik. 

    According to Nohl, the information that can be gleaned from a user's phone with just a phone number could include an individual's location, and the ability to listen in to personal calls and text messages. 

    The recent legal battle between Apple and the FBI in the USA brought the subject of mobile phone security to the top of the agenda, but Nohl believes there's often a confusion between network security and phone security: 

    "The network is entrusted with certain information, it knows by default where you are… they know which cell tower you're connected to… the network also knows the content of your phone conversations and texts. 

    "A lot more information about you is stored on the phone — maybe in iCloud or Google cloud for example — so you're again trusting a third party, but a different third party." 

    That different third party — a mobile phone manufacturer such as Apple or Samsung — have stepped up the security of their products in recent years, particularly in light of the Edward Snowden NSA revelations.

    With that in mind, Nohl explained to Sputnik that a vulnerability of individual mobile phones is actually down to the service providers as opposed to the phone manufacturers, and given that security between providers doesn't tend to differ much within a single country, consumers cannot do a great deal about the situation. 

    There has been very little legislation in this area, although Nohl suggested that Scandinavian countries have been early trailblazers: 

    "The only countries that have effectively done something about these attacks, and continue to improve on it are Scandinavian countries, and they do that through regulation." 

    A lack of public awareness means that regardless of these revelations, there is little demand from mobile users to implement legislation that would force service providers to increase security.

    Without any such incentive, Nohl fears that mobile networks are unlikely to change. Which logically means, that for the foreseeable future, your location, your calls and your texts can all be accessed using nothing more than your phone number.  


    'Really Creepy': Known Flaw Gives Hackers Access to US Congressman's Calls
    That Super-Secure Thumbprint Technology on Your Phone is Now Useless
    FBI to Tell Other Agencies, Not Apple About How to Hack iPhone
    Who’s Listening in? Mobile Networks Flaw Sparks Phone Hacking Fears
    mobile phone network, information, smartphones, data collection, hacking, technology, security, privacy, Europe, United States, Berlin
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik
    • Сomment