IMHO, it is Google and Apple that are entirely at fault for allowing the software of their phones to grant such open access, with users unable to deny such access. If an ancient protocol mandates a response to be sent, the response might as well be fake. Also, silent exploits of Whatsapp, iMessage, SMS, etc. have existed for about a decade now, which should have been more than sufficient time to close all the loopholes. The only explanation that remains is that Google and Apple are conspiring with a third party to keep phones insecure.
This works at the telecom/network level by querying or abusing carrier signalling and interconnects, so feature/“dumb” phones that use a SIM and connect to cellular networks are just as vulnerable.
That could explain the leak of approximate coarse location data, but it does not explain how these vulnerabilities or APIs are being used to compromise Android and iPhone devices. There is more going on than at just the telecom level.
IMHO, it is Google and Apple that are entirely at fault for allowing the software of their phones to grant such open access, with users unable to deny such access. If an ancient protocol mandates a response to be sent, the response might as well be fake. Also, silent exploits of Whatsapp, iMessage, SMS, etc. have existed for about a decade now, which should have been more than sufficient time to close all the loopholes. The only explanation that remains is that Google and Apple are conspiring with a third party to keep phones insecure.
This works at the telecom/network level by querying or abusing carrier signalling and interconnects, so feature/“dumb” phones that use a SIM and connect to cellular networks are just as vulnerable.
That could explain the leak of approximate coarse location data, but it does not explain how these vulnerabilities or APIs are being used to compromise Android and iPhone devices. There is more going on than at just the telecom level.