Tech

Best PowerToys Tools for Windows: Top Features You Should Use

Nov 19th 2025

AI-generated, human-reviewed.

Your cell phone can be tracked globally, even if you’re not infected with malware or spyware. On Security Now, Steve Gibson and Leo Laporte broke down how commercial services exploit legacy telecom protocols—specifically SS7—to locate individuals worldwide, leaving most of us exposed to tracking no matter which phone we use or which brand we trust.

What Is Global Cell Phone Tracking?

Global cell phone tracking refers to the ability of certain companies or governments to pinpoint a mobile phone’s current location—anywhere on the planet—simply via the phone number, without any need to infect the device or install additional apps.

According to Steve Gibson on this week's Security Now, companies like First WAP have weaponized decades-old telecom infrastructure. They leverage a protocol called Signaling System 7 (SS7), which is still used to route calls and text messages across international carrier networks. While SS7 was designed for interoperability, it was never built with strong security or authentication in mind.

How SS7 Enables Global Tracking Without Malware

Unlike well-known spyware solutions (like NSO Group’s Pegasus), SS7-based tracking doesn’t require installing anything on the target device. Instead, services send network-level queries—often using legitimate telecom credentials leased from mobile carriers—and receive location information back in the form of cell tower IDs.

Here’s how it works:

  • Cell networks always need to know your most recent cell tower so you can get calls and texts.
  • SS7 messages can request the current cell tower location for any mobile subscriber, given the phone number.
  • This information can be mapped to a latitude and longitude, often within a city block in urban areas.
  • Some commercial providers have collected millions of location records, tracking thousands of individuals in real time.

This exposure affects all brands—Apple, Samsung, Google—since the vulnerability is in the cellular network itself, not the phone’s operating system.

Instant Insights: SS7 Tracking vs. Malware-Based Surveillance

On Security Now, Steve Gibson clarified that this commercial, network-level tracking is fundamentally different from attacks using malware or spyware. With SS7 tracking:

  • No device infection is needed—just knowledge of the target’s phone number.
  • It leaves zero trace on your phone (no odd behavior or warning).
  • Even perfect device “hygiene” (good security practices, using the latest updates, disabling location services) does nothing to stop it.

By contrast, malware-based surveillance requires some compromise—phishing, malicious apps, or targeted attacks—which are much easier for regular users to defend against, at least if they follow best practices.

Who Is Most at Risk—and What’s Being Done?

While average users are unlikely to be targeted by sophisticated SS7 queries, high-profile individuals, government officials, activists, and journalists are the main targets. According to Security Now's coverage, commercial tracking companies have massive datasets showing the movements of executives, politicians, and even those under investigation by law enforcement.

Network operators are slowly deploying SS7 firewalls to identify and block suspicious queries, but business incentives and technical limitations make complete protection unlikely anytime soon. As Steve Gibson noted, backwards compatibility keeps SS7 active even as 4G and 5G networks attempt to add layers of security.

Can You Prevent SS7-Based Cell Phone Tracking?

The blunt truth: There’s little a regular user can do to prevent SS7-based tracking if their phone is turned on and connected to a cell network. Here are the only real mitigation strategies:

  • Airplane mode or turning off your phone’s cellular radio completely disconnects it (but at the cost of connectivity).
  • Burner phones and disposable numbers can reduce the usefulness of historical tracking, but are impractical for most everyday scenarios.
  • Using Wi-Fi alone without cellular may prevent tower-based location tracking—but limits call and SMS functionality.

Unfortunately, no current protection, app, or security setting blocks this style of network-level surveillance for typical users.

Key Takeaways

  • Cell phone tracking via SS7 does not require malware or spyware. Your location can be determined anywhere in the world, based only on your phone number.
  • All brands and devices are affected: This isn’t an iOS vs. Android issue; it's about telecom infrastructure.
  • Your movements can be mapped with high precision in many locations.
  • Security upgrades are lagging: Mobile networks still support SS7 for compatibility, and most have incomplete protections.
  • For almost all users, there’s no practical way to prevent this tracking short of turning off your phone.
  • High-risk individuals (officials, activists, journalists) should consider burner phones or disconnecting cellular radios.

The Bottom Line

On Security Now, Steve Gibson and Leo Laporte revealed that global cell phone tracking is possible without malware, thanks to vulnerabilities in SS7—the legacy system powering modern phone networks. For most users, this means location privacy is limited whenever their phone is turned on and connected. While carrier defenses are improving, the best ways to avoid tracking are extreme: powering down or using disposable devices.

Stay informed and protect your digital essentials. Don’t miss future insights from the Security Now team.

Subscribe to Security Now: https://twit.tv/shows/security-now/episodes/1052

Checkout.com Fights Back Security Now #1052
Nov 18 2025 - Global Cellphone Tracking
Checkout.com Fights Back
All Tech posts