VoLTE Flaw Lets A Hacker Spy On Encrypted Communications For A Measly $7,000

from the time-to-take-a-broader-view dept

As we’ve noted, much of the hysteria surrounding TikTok isn’t based on anything close to consistent outrage. As in, many of the folks freaking out about a teen dancing app were nowhere to be found when U.S. wireless carriers were found to be selling access to your location data to any random idiot. Most of the folks pearl clutching about TikTok have opposed election security funding or even the most basic of privacy rules. The SS7 flaw that makes most wireless networks vulnerable to eavesdropping ? The lack of any security or privacy safeguards in the internet of things (IOT) space?

Which is all a long way of saying: if you’re going to lose sleep over TikTok, you’ll be shocked to learn there’s an ocean of issues that folks are paying absolutely no attention to. Or, to put it another way, TikTok is probably the very least of a long list of problems related to keeping U.S. data secure.

The latest case in point: a report last week noted how with around $7,000 worth of gear, a marginally competent person could eavesdrop on voice over LTE (VoLTE) communications, even though these transmissions are purportedly encrypted:

“Their technique, dubbed ReVoLTE, uses a software-defined radio to pull the signal a carrier?s base station transmits to a phone of an attacker?s choosing, as long as the attacker is connected to the same cell tower (typically within a few hundred meters to few kilometers) and knows the phone number. Because of an error in the way many carriers implement VoLTE, the attack converts cryptographically scrambled data into unencrypted sound. The result is a threat to the privacy of a growing segment of cell phone users. The cost: about $7,000.”

It doesn’t take that much work to fix the vulnerability, but many wireless carriers are expected to lag in fix implementation:

“With more than 120 providers around the world and over 1,200 different device types supporting VoLTE, it will likely take more time for the eavesdropping weakness to be fully eradicated.

?However, we need to consider a large number of providers worldwide and their large deployments,? the researchers wrote. ?It is thus crucial to raise awareness about the vulnerability.”

And while the attack requires some degree of finesse and good timing, it’s yet another indication that our very basic communications infrastructure isn’t half as secure as we like to pretend it is. The report came on the heels of another report indicating that it didn’t take much work to spy on much of our satellite communications infrastructure despite these attacks being known about for the better part of the last fifteen years. Then there’s the SS7 flaw in most major wireless networks which allows for covert spying of wireless transmission and has been known about for nearly as long.

Which again is a long way of saying that if we genuinely cared about U.S. data privacy and security in the face of hostile global actors, we’d do a hell of a lot better job shoring up basic infrastructure and infrastructure security. Instead we get (waves in the general direction of the TikTok Microsoft kerfuffle) whatever all of this is supposed to accomplish.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “VoLTE Flaw Lets A Hacker Spy On Encrypted Communications For A Measly $7,000”

Subscribe: RSS Leave a comment
This comment has been deemed funny by the community.
Federico (profile) says:


Thanks Obama! Surely this is the effect of some security standard imposed by Big Government in the previous administration. If only the FCC proceeded faster in removing regulations, as it did with net neutrality, I’m confident that telcos would fix such security issues much faster.

Also in the interest of free market, every insufficiently free telco will be seized by the government and transferred to a compliant new owner.

Anonymous Coward says:

Re: Deregulation

So what your saying is that the Obama administration imposed a regulation for them to encrypt data and they did such a bad job of it that it is really insecure and somehow its this "unnamed regulation" that is at fault? Its almost like you are trying to blame the Obama administration for anything and everything without any receipts or even proper knowledge of how things work in tech.

Still trying to figure out if sarcasm or trolling…

Scary Devil Monastery (profile) says:

Re: Obama?

He was being sarcastic. Unfortunately to a lot of Trump cultists the fact that Obama wasn’t in office 15 years ago doesn’t exonerate Obama from having screwed with the FCC at that time – or, for that matter, from shooting franz-ferdinand in the face, assassinating Julius Caesar, or from personally nailing that nazarene carpenter’s son to the cross.

That’s why the sarcasm just sounds like genuine propaganda.

This comment has been deemed insightful by the community.
virusdetected (profile) says:

"if we genuinely cared about U.S. data privacy and security…"

But…consider how many government agencies benefit from these flaws: FBI, ICE, CIA, NSA, and all the ones whose initials are secret.

Of course, many of our enemies benefit, too. The Russians and the Chinese are probably listening to most of the Congresscritters conversations. They probably gave up listening to the Orange Man because nothing he said made any sense.

With a little effort I suspect one could eavesdrop on some interesting conversations that would lead to some very profitable stock market transactions. Where do I find the instructions for building a ReVoLTE interceptor?

ECA (profile) says:

Hardware or Software failure?

“However, we need to consider a large number of providers worldwide and their large deployments,”

Which, translated means…
How much can we charge to fix this.
Either it was a builtin Flaw.. A Flaw in the Software. OR someone in the gov. had a GREAT idea.

And if you really love paranoia, look up SDR And how much a unit costs. Then lookup on the net how the protocols work with VoLTE.. might as well be using JUST A MODEM..

Anonymous Coward says:

Re: Hardware or Software failure?

The flaw is in the call setup. There would be little reason to hardware-accelerate this infrequent low-bandwidth event. It looks like a normal dumb software bug. A paranoid person might note that this is great for plausible deniability of a backdoor (although it would be risky to leave this as an intentional one, since anyone can use it).

ECA (profile) says:

Re: Re: Hardware or Software failure?

Love that software…
And it will take how long to send the Data Threw the system to fix it?? 1-2 days??

Hardware is great, and the ability to use Software to control it, is great also. And smart companies WILL use it. AND still wont fix anything. Because the BOSS/CEO/,., that runs the business, and dont know Hardware/software has to request it, but didnt know its a FAST/EASY FIX…. but that its a Backdoor that can be sold.

Anonymous Coward says:

Do you know what this means?

This is the business opportunity of a lifetime! Build ReVoLTE devices for $7k each, sell them to police departments at "fell off the truck prices" of $120k each, and Profit$$!

a marginally competent person could eavesdrop on voice over LTE (VoLTE) communications,…

Wait… marginally competent? Damn! So much for that idea.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...