I've seen so many things announced that make me ask myself "But, why?".
Later such things are grandfathered in having never been properly designed or funded for security, etc.
Signalling System 7, or SS7, is a decades-old set of protocols that allows phone networks to communicate with one another, routing messages and calls across borders.
It was never designed with security in mind, and while operators have moved to more secure evolutions with 4G and 5G, they still need to maintain backwards compatibility with SS7. This is likely to remain the case for years if not decades to come.
Phone networks need to know where users are in order to route text messages and phone calls.
Operators exchange signalling messages to request, and respond with, user location information. The existence of these signalling messages is not in itself a vulnerability.
The issue is rather that networks process commands, such as location requests, from other networks, without being able to verify who is actually sending them and for what purpose.Yes. SS7 is a half-century old, designed for a world of state telecom monopolies and a handful of tightly-peered carriers. The threat model could safely assume that only vetted operators could connect. It's unlikely that anyone involved believed that SS7 would still exist in 2000, much less 2025.
https://www.eff.org/deeplinks/2024/07/eff-fcc-ss7-vulnerable...
SS7 dates from the early 1980s, as do SMTP (1981) and HTTP (1989). In all three cases people build the simplest thing that works and then hacked on it as new requirements arose. The main problem is that the telco world is very conservative and closed-source, so while we've had HTTPS and encrypted IMAP etc for a while now, SS7 hasn't gotten similar upgrades.
octagons•2h ago