NEW: China has been conducting mass surveillance on Americans' phones by exploiting the chronically-vulnerable SS7 system. Scoop by @skirchy Explainer THREAD https://www.theguardian.com/us-news/2020/dec/15/revealed-china-suspected-of-spying-on-americans-via-caribbean-phone-networks

2. A 70s era global system helps carriers route calls & messages. Problem is, system is trusting, so if you control a telco...you can send non-legit instructions to do things like:

-silently track phones
-intercept messages

From anywhere...to anywhere. https://citizenlab.ca/2020/12/running-in-circles-uncovering-the-clients-of-cyberespionage-firm-circles/

3. State-owned @ChinaUnicomGlob has been sending a ton of non-legit traffic American phone # s. Esp. when they travel abroad. Can be used to track location & possibly intercept. There's more....

4. China may be pivoting to using Caribbean countries' networks as a proxy continue spying on Americans.

Context: well-known in industry that some UK Channel Islands, Caribbean countries, and a few in EU are super-permissive, and have become havens for foreign SS7 abuse.

5. Problem is: thanks to industry capture of the FCC & unwillingness to fix the problem, Americans are badly protected at home. Situation is even worse when we roam with our phones. Wrote a thread about it recently... https://twitter.com/jsrailton/status/1333851667712913413

6.Toplines:
-Americans & USG is vulnerable to SS7
-being spied on by China, other foreign Govs
-industry knows it
- @DHSgov has been warning about it
-Some in congress like @RonWyden are raising the alarm
-perplexingly @FCC, who owns this, is slow-walking

7. Respect to Gary Miller, the former telco executive who did the data analysis and came forward. He had the courage to say publicly what *everyone* in the industry has been speaking about in hushed tones for years.