Veritasium: Exposing The Flaw In Our Phone System

Not if you carry a small travel WiFi router with you and have it provide the VPN link. That is:

phone ↔ personal wifi router ↔ VPN server

There may be other vendors, but something like a GL.iNet travel router running OpenWRT could be used to direct all traffic from your phone, including system traffic that bypasses a on-phone VPN, to a VPN server of your choice.

That type of travel WiFi router starts for a pretty nominal $30 or so. Your VPN may cost something per month. Or if you simply wish to alway appear to be at home regardless of where you are in the world, many home routers can provide a VPN server for free.

@OldGuy
at that point why even use a SIM card in the phone? just eliminate it and use a VOIP service like jmp.chat

If I didn’t misunderstood the video you need thousands of dollars to corrupt someone to get access to SS7 and to access someone’s phone number so this kind of vulnerability doesn’t concern 99,9% of people since the threat model is at least a very rich person or a government threat. Anyway that’s very interesting to know but I don’t feel concerned by this.

Sure, the cost of entry is thousands of dollars per month but once you have access why not use it as much as you can?

I dont think these attacks are a threat only for the very rich. Perhaps your data just happens to be part of a relevant data breach. Or maybe some attacks are easier to automate (e.g. sms 2fa) so that the attacker could be looser with their target selection. Also the primary target could be someone who has access to your private information (healthcare, finance etc.).

But yes, I agree that these are better suited for more targeted, high-profile attacks.

Does anyone know if disabling the 2G and 3G modems (like grapheneos allows for) prevents these particular attacks? I’m primarily interested in avoiding the location tracking one.

It could potentially reduce the attack surface, but probably not prevent them outright.

No it does not stop all problems as your device may be better protected but the network can still be abused so someone can still exploit in there.

This sounds (SS7 problems now more widely know and spread) like something that should be up on website (1 or 2 or 3)?

Kuketz, a German security blogger, does recommend using just WiFi, I presume for such reasons. 3GPP & the ITU, which are in charge of these wireless connectivity standards, are mostly or exclusively under the stewardship of various governments, and the corporates involved (the usual ones) have no qualms with “backdoors” that are sometimes deliberately there.