from Hacker News

Hacking Your Phone

by mattee on 4/17/16, 11:57 PM with 13 comments

  • by jtokoph on 4/18/16, 8:54 PM

    It looks like the demo they do with the reporter leaves out a the part where the "landing page" for the wifi prompts the user to install a new root certificate on the device so that his proxy can listen in on all of the traffic.

    This is the smartphone version of fake pirated media that asks you to download a special desktop "media player" that ends up just being malware. The average user will just accept whatever prompts they are given for free access to wifi. Certificate pinning will be much more important once this becomes mainstream.

  • by samfisher83 on 4/18/16, 12:44 AM

    The interesting part of the story is how the NSA knows about this and they really don't want ss7 to be fixed as they can exploit it.

  • by kijeda on 4/18/16, 8:48 PM

    This story appears very similar to one done by the Australian edition of 60 Minutes last year:

    http://www.9jumpin.com.au/show/60minutes/stories/2015/august...

  • by wille92 on 4/18/16, 8:53 PM

    As someone who is unfamiliar with this ss7 vulnerability, does anyone have a more in-depth technical overview?

  • by 999999999999 on 4/18/16, 9:15 PM

    Hungry shark