If you happen across Your smartphone could be hacked without your knowledge by Jennifer Schlesinger and Andrea Day, posted on CNBC, don’t bother to read it. Dissuade others from reading it.
The three threats as listed by the authors:
- Unsecure Wi-Fi
- Operating system flaws
- Malicious apps
What’s missing?
Hmmm, can you say SS7 vulnerability?
The omission of SS7 vulnerability is particularly disturbing because in some ways, it has the easiest defense.
Think about it for a moment. What do I need as the premise for most (not all) successful SS7 hacks?
Your smartphone number.
Yes, information you give away with every email, contact information listing, website registration, etc. Not only given away, but archived and available to search engines.
If you don’t believe me, try running a web search on your smartphone number.
I understand that your smartphone number is as useful as it is widespread. I’m just pointing out how many times you have tied a noose around your own neck.
The best (partial) defense to SS7 attacks?
Limit the distribution of your smartphone number.
When someone omits a root problem of smartphone security, in a listing of smartphone security issues, how much trust can you put in the rest of their analysis?