SS7 and Diameter Vulnerabilities Enable State Surveillance
Citizen Lab researchers have documented two separate spying campaigns exploiting well-known vulnerabilities in the SS7 and Diameter protocols that underpin 2G, 3G, 4G, and 5G telecommunications networks. The campaigns use these weaknesses to track individuals’ locations across cellular networks without authorization.
The relevant fact is that these vulnerabilities are not new. They have been known for years. They are also not theoretical—they are being actively exploited by state actors against civilian populations. The gap between known vulnerability and deployed mitigation is not a policy failure or a technical oversight. It is structural. Telecommunications infrastructure was built on assumptions of trust that no longer apply. Patching those assumptions backwards is harder than building new infrastructure from scratch.
What Citizen Lab revealed is how thoroughly some nations prioritize the ability to surveil their populations over the actual security of those populations. If you can locate someone with precision, you control them. That is the entire point. The protocol vulnerabilities persist not because they cannot be fixed, but because they are too valuable to the regimes that matter. Democratic nations face diplomatic pressure to maintain emergency access for law enforcement. Authoritarian regimes have no such constraints. The surveillance plays on. The only question is whether your government is competent enough to use these holes effectively, or whether it leaves them open for less scrupulous neighbors to exploit instead.