VoLTE Flaw Lets A Hacker Spy On Encrypted Communications For A Measly $7,000

from the time-to-take-a-broader-view dept

As we've noted, much of the hysteria surrounding TikTok isn't based on anything close to consistent outrage. As in, many of the folks freaking out about a teen dancing app were nowhere to be found when U.S. wireless carriers were found to be selling access to your location data to any random idiot. Most of the folks pearl clutching about TikTok have opposed election security funding or even the most basic of privacy rules. The SS7 flaw that makes most wireless networks vulnerable to eavesdropping ? The lack of any security or privacy safeguards in the internet of things (IOT) space?

Which is all a long way of saying: if you're going to lose sleep over TikTok, you'll be shocked to learn there's an ocean of issues that folks are paying absolutely no attention to. Or, to put it another way, TikTok is probably the very least of a long list of problems related to keeping U.S. data secure.

The latest case in point: a report last week noted how with around $7,000 worth of gear, a marginally competent person could eavesdrop on voice over LTE (VoLTE) communications, even though these transmissions are purportedly encrypted:

"Their technique, dubbed ReVoLTE, uses a software-defined radio to pull the signal a carrier’s base station transmits to a phone of an attacker’s choosing, as long as the attacker is connected to the same cell tower (typically within a few hundred meters to few kilometers) and knows the phone number. Because of an error in the way many carriers implement VoLTE, the attack converts cryptographically scrambled data into unencrypted sound. The result is a threat to the privacy of a growing segment of cell phone users. The cost: about $7,000."

It doesn't take that much work to fix the vulnerability, but many wireless carriers are expected to lag in fix implementation:

"With more than 120 providers around the world and over 1,200 different device types supporting VoLTE, it will likely take more time for the eavesdropping weakness to be fully eradicated.

“However, we need to consider a large number of providers worldwide and their large deployments,” the researchers wrote. “It is thus crucial to raise awareness about the vulnerability."

And while the attack requires some degree of finesse and good timing, it's yet another indication that our very basic communications infrastructure isn't half as secure as we like to pretend it is. The report came on the heels of another report indicating that it didn't take much work to spy on much of our satellite communications infrastructure despite these attacks being known about for the better part of the last fifteen years. Then there's the SS7 flaw in most major wireless networks which allows for covert spying of wireless transmission and has been known about for nearly as long.

Which again is a long way of saying that if we genuinely cared about U.S. data privacy and security in the face of hostile global actors, we'd do a hell of a lot better job shoring up basic infrastructure and infrastructure security. Instead we get (waves in the general direction of the TikTok Microsoft kerfuffle) whatever all of this is supposed to accomplish.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: calls, encryption, revolte, security, volte


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Federico (profile), 24 Aug 2020 @ 4:57am

    Deregulation

    Thanks Obama! Surely this is the effect of some security standard imposed by Big Government in the previous administration. If only the FCC proceeded faster in removing regulations, as it did with net neutrality, I'm confident that telcos would fix such security issues much faster.

    Also in the interest of free market, every insufficiently free telco will be seized by the government and transferred to a compliant new owner.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Aug 2020 @ 7:18am

      Re: Deregulation

      Where is the sarcasm flag?

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Aug 2020 @ 7:47am

      Re: Deregulation

      So what your saying is that the Obama administration imposed a regulation for them to encrypt data and they did such a bad job of it that it is really insecure and somehow its this "unnamed regulation" that is at fault? Its almost like you are trying to blame the Obama administration for anything and everything without any receipts or even proper knowledge of how things work in tech.

      Still trying to figure out if sarcasm or trolling...

      reply to this | link to this | view in chronology ]

    • icon
      ECA (profile), 24 Aug 2020 @ 8:23am

      Re: Deregulation

      YEP,
      Pass the buck to a Democrat..
      Oops...Im sorry, that was a favorite of yours..
      BUSH Jr.
      The one that ???
      Got rid of most of the ammo in the USA(cant get rid of guns, just ammo) so they wouldnt shoot him.

      reply to this | link to this | view in chronology ]

    • icon
      Scary Devil Monastery (profile), 25 Aug 2020 @ 1:34am

      Re: Deregulation

      ...as some have noted, please remember the /s.

      Right now you simply sound like the average enthusiastic MAGA fanboi whose picture of reality comes from Fox and OANN.

      reply to this | link to this | view in chronology ]

  • identicon
    Jim, 24 Aug 2020 @ 7:04am

    Obama?

    If my memory is correct, Obama was not there fifteen years ago. And this was initially white papered back in the 90's. Like about 96.

    reply to this | link to this | view in chronology ]

    • icon
      Scary Devil Monastery (profile), 25 Aug 2020 @ 1:37am

      Re: Obama?

      He was being sarcastic. Unfortunately to a lot of Trump cultists the fact that Obama wasn't in office 15 years ago doesn't exonerate Obama from having screwed with the FCC at that time - or, for that matter, from shooting franz-ferdinand in the face, assassinating Julius Caesar, or from personally nailing that nazarene carpenter's son to the cross.

      That's why the sarcasm just sounds like genuine propaganda.

      reply to this | link to this | view in chronology ]

  • icon
    virusdetected (profile), 24 Aug 2020 @ 7:34am

    "if we genuinely cared about U.S. data privacy and security..."

    But...consider how many government agencies benefit from these flaws: FBI, ICE, CIA, NSA, and all the ones whose initials are secret.

    Of course, many of our enemies benefit, too. The Russians and the Chinese are probably listening to most of the Congresscritters conversations. They probably gave up listening to the Orange Man because nothing he said made any sense.

    With a little effort I suspect one could eavesdrop on some interesting conversations that would lead to some very profitable stock market transactions. Where do I find the instructions for building a ReVoLTE interceptor?

    reply to this | link to this | view in chronology ]

  • identicon
    Ninja, 24 Aug 2020 @ 7:45am

    "if we genuinely cared about U.S. data privacy and security"
    If we genuinely cared about children safety and development; if we genuinely cared about people dignity and basic well-being (the charity folks), if we genuinely cared about..........
    It's a series of hypocrisies that forms the country. And the US is not alone in it.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Aug 2020 @ 1:41pm

      Re:

      Was it the First Lady who wore a coat bearing the statement
      I Really Don't Care, Do u?
      while visiting an immigrant detention camp?

      reply to this | link to this | view in chronology ]

  • icon
    ECA (profile), 24 Aug 2020 @ 8:27am

    Hardware or Software failure?

    “However, we need to consider a large number of providers worldwide and their large deployments,”

    Which, translated means...
    How much can we charge to fix this.
    Either it was a builtin Flaw.. A Flaw in the Software. OR someone in the gov. had a GREAT idea.

    And if you really love paranoia, look up SDR And how much a unit costs. Then lookup on the net how the protocols work with VoLTE.. might as well be using JUST A MODEM..

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Aug 2020 @ 8:57am

      Re: Hardware or Software failure?

      The flaw is in the call setup. There would be little reason to hardware-accelerate this infrequent low-bandwidth event. It looks like a normal dumb software bug. A paranoid person might note that this is great for plausible deniability of a backdoor (although it would be risky to leave this as an intentional one, since anyone can use it).

      reply to this | link to this | view in chronology ]

      • icon
        ECA (profile), 24 Aug 2020 @ 11:35am

        Re: Re: Hardware or Software failure?

        Love that software...
        And it will take how long to send the Data Threw the system to fix it?? 1-2 days??

        Hardware is great, and the ability to use Software to control it, is great also. And smart companies WILL use it. AND still wont fix anything. Because the BOSS/CEO/,., that runs the business, and dont know Hardware/software has to request it, but didnt know its a FAST/EASY FIX.... but that its a Backdoor that can be sold.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Aug 2020 @ 9:42am

    Do you know what this means?

    This is the business opportunity of a lifetime! Build ReVoLTE devices for $7k each, sell them to police departments at "fell off the truck prices" of $120k each, and Profit$$!

    a marginally competent person could eavesdrop on voice over LTE (VoLTE) communications,...

    Wait... marginally competent? Damn! So much for that idea.

    reply to this | link to this | view in chronology ]

  • identicon
    Kitsune106, 24 Aug 2020 @ 2:38pm

    Soooo

    How much people want to bet the NSA and other three letter agencies know and have own device to do this?

    reply to this | link to this | view in chronology ]

  • identicon
    epicsports, 27 Aug 2020 @ 6:17am

    Very Interesting read

    I know the fact that the VOLTE is a revolution that have provided the best quality of voice calls over internet and in such a way, there is an application which is known as epic sports that you can download today for streaming movies and live sports over internet like volte, get it from https://www.epicsports.fun/

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Essential Reading
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.