RE: Switching System 7 (SS7) Security flaws

This is a great article, but this part is somewhat incorrect.

What about Signal and WhatsApp you say? Well guess what, if an attacker knows your phone number, they can hijack your Signal or WhatsApp application by sending a forged SMS message. They just hack the SMS messages through SS7, and snatch away the target’s Signal account. The only way you would know about it is when you no longer get any Signal calls or text messages.

In the case of signal, message content isn't routed over SMS. Only the initial device handshake when you setup the device. The rest is direct to their servers via https and it uses an asymmetric key system on top of the TLS stuff.

When you add a new contact it's just registering their public key in a manner similar to GPG. Signal really is just a glorified GPG client under the hood. Signal's entire customer database is comprised of "phonenumber, publickey" and that's it. We know this because they have been served in the past with a request that amounted to "tell us everything you know about persons, x,y & z".

Message notifications are sent out using push messages, which do route over SMS. But push is a service of the OS provider such as Google, Apple or Blackberry. If these are being held up, alot more than signal is going to fail.

They couldn't be blocked except at the carrier level. The device will fall back to periodic "wakeup" polling if no new notifications are received after a certain length of time. Again this is ajax style polling and occurs over https.

So just to be clear, it's not that you wouldn't get notifications or messages. It's the LEA could get a copy of the little bit of info that says "wake up, you have a message". Thus the most they could deduce is that someone, somewhere sent you a message via signal. They can't get at the message itself since the process of actually checking the message involves something similar to JWT and they would need to eavesdrop the https in order to get the token. Also they wouldn't be able to know who you are talking to without subpoenaing Moxie Marlinspike and pals.

Just wanted to clarify, it's an awesome article though!
Upvoted and resteemed!