[_sefg]

How many times do we have to read that X is vulnerable to SS7 attacks? This has been going for the last couple of years.

SS7 in itself is huge disaster, I can recommend the following presentations: https://media.ccc.de/v/31c3_-_6249_-_en_-_saal_1_-_201412271... and https://media.ccc.de/v/31c3_-_6531_-_en_-_saal_6_-_201412272...

tldr: everything that uses sms is vulnerable.

edit: as others already mentioned, use offline 2fa like google authenticator.

[mannykannot]

> How many times do we have to read that X is vulnerable to SS7 attacks?

Until all those whose job it is to secure the various Xs stop ignoring the problem?