This conversation cuts through the noise of geopolitical posturing to reveal a terrifying reality: the very infrastructure that connects our daily lives is also the most effective weapon against us. Jordan Schneider, hosting a dialogue between former Green Beret John Doyle and cybersecurity veteran Dmitri Alperovitch, exposes how the global reliance on commercial cellular networks has turned mobile phones into the primary intelligence source for adversaries, from state actors to drug cartels. The urgency here is not theoretical; it is grounded in the recent 'Salt Typhoon' compromise, where Chinese operatives breached major US carriers to access call records and voicemails of political figures, proving that the 'crown jewels' of national security are currently sitting in the hands of the most vulnerable commercial entities.
The Illusion of Security
Schneider frames the discussion around a shocking admission from Alperovitch regarding the Salt Typhoon investigation. The Cyber Safety Review Board, tasked with probing the breach, was baffled by the government's own surprise at the intrusion. "If you know anything about signals intelligence agencies, the first thing you would do is go after telcos. That's where the crown jewels are," Alperovitch notes, highlighting a profound disconnect between intelligence capabilities and defensive posture. The argument here is that the US intelligence community, which routinely exploits these vulnerabilities abroad, failed to anticipate that a foreign power would apply the same playbook domestically.
This framing is effective because it shifts the blame from a lack of technical sophistication to a failure of strategic imagination. The discussion reveals that the threat is not just about sophisticated hacking but also about the mundane exploitation of legacy protocols. Alperovitch points to the Lapsus$ group, a crew of teenagers who breached major tech firms not through complex code, but by leveraging "SIM swapping"—a legitimate administrative function turned into a weapon. "Many companies around the world are still relying on SMS-based authentication, and it seems like every financial institution, in my experience, is still using SMS and not even providing other forms of authentication that are more secure," he observes. This reliance on outdated two-factor methods creates a backdoor that anyone with a bribe or a threat can walk through, turning the phone number into a master key for digital identity.
"The telcos have the location data, call records, voicemails, and they can do many things without our knowledge or control."
The conversation underscores that the problem is systemic. It is not a single bug to be patched like SolarWinds, but a fundamental flaw in the architecture of global telecommunications. As Schneider notes, this is a "literal PhD field of study" regarding how protocols can be exploited. The sheer scale of the vulnerability suggests that the current commercial model, which prioritizes ubiquity and low cost over security, is incompatible with modern national security needs. Critics might argue that building a parallel, secure network is economically unfeasible for the average consumer, but the authors counter that the cost of inaction—measured in compromised elections and targeted assassinations—is far higher.
War on Commercial Lines
The dialogue takes a darker turn as it examines the war in Ukraine, where the lines between civilian infrastructure and military targets have blurred into oblivion. Schneider and Doyle illustrate that modern conflict is no longer fought solely on dedicated military channels but on the same commercial networks used for texting and streaming. Doyle recalls his time in the Army, noting that despite carrying hundreds of thousands of dollars in specialized radio gear, the most reliable tool was always his commercial cell phone. "The telecommunications network is the best communications platform we've ever built," Doyle asserts, a statement that carries a heavy irony given its current weaponization.
The human cost of this dependency is stark. Alperovitch describes how both Russian and Ukrainian forces rely on these networks, leading to a deadly game of cat and mouse where a phone signal can trigger a missile strike. He recounts a chilling tactic used by Ukrainian forces against the initial Russian invasion: they identified Russian command posts by tracking new phone activations on February 24, 2022. "A lot of Russian generals died because of that heuristic," Alperovitch states, illustrating how the digital footprint of a soldier can become a death sentence. This is not just a tactical advantage; it represents a fundamental shift where the privacy of the individual is the first casualty of war.
The discussion also touches on the "Spiderweb" drone attacks, where Ukrainian forces piloted drones over Russia using the adversary's own commercial cellular network. This innovation highlights the adaptability of modern warfare but also the fragility of the infrastructure. Alperovitch notes that in response, Russian forces began turning off cellular networks regionally whenever drone swarms were detected, effectively blinding their own population to stop the attacks. "The lack of OPSEC at the highest levels and operational levels is just absolutely mind-boggling," Alperovitch says, describing senior officials who casually place their phones on tables during high-stakes meetings, unaware that their geolocation data could be the difference between life and death.
"Even in times of conflict, even in the most acute of circumstances, people turn to the cell network first. That's good because it's amazing and performant, and we know how to use it."
This reliance is driven by the sheer performance and ubiquity of commercial networks, which have outpaced military-grade alternatives. However, the argument that we must simply "fix what's broken" overlooks the deep entrenchment of these vulnerabilities. The comparison to the historical context of Signalling System No. 7 (SS7) is implicit here; the protocols that govern global telecom were designed decades ago for voice calls, not for the constant, high-volume data transmission of the smartphone era. The fact that these legacy systems are still the backbone of modern conflict suggests a critical lag in our defensive evolution.
The Path Forward
Doyle introduces Cape, a new mobile carrier founded on the thesis that privacy and security must be the baseline, not an afterthought. The company aims to offer a "privacy-first mobile carrier" that can withstand the types of intrusions seen in Salt Typhoon. Doyle argues that the current market has stagnated, particularly in the US, where providers have failed to innovate compared to competitors like Huawei. "China has completely infiltrated the telecommunications networks. China has full visibility into what you're doing with your phone," Doyle warns, noting that the Salt Typhoon revelations have finally made this threat undeniable to the public.
The argument for a specialized, secure network is compelling, yet it faces the hurdle of network effects. A secure network is only as strong as its connectivity to the rest of the world. If a user of a secure carrier cannot seamlessly communicate with the billions of users on commercial networks, the utility of the secure option diminishes. Furthermore, the technical challenges of remediating global protocols are immense. As Alperovitch points out, the problem is not just about one company or one country; it is about the global architecture of the internet itself. The solution requires a level of international cooperation that seems increasingly unlikely in the current geopolitical climate.
"The type of information they're able to collect is absolutely insane."
The conversation concludes with a sobering realization: the tools we use to connect with our loved ones are the same tools that can be used to track, target, and kill us. The human cost of this technological reality is measured in the lives of soldiers, the privacy of politicians, and the safety of civilians caught in the crossfire. The authors make a strong case that the status quo is unsustainable, but the path to a secure future requires more than just a new carrier; it demands a fundamental rethinking of how we value privacy in an age of total surveillance.
Bottom Line
Schneider's piece succeeds in demystifying the technical complexities of telecom espionage by grounding them in the visceral reality of modern warfare and recent high-profile breaches. The strongest element is the unflinching exposure of how commercial convenience has become a national security liability, forcing a reckoning with the legacy systems that underpin our digital lives. However, the argument's vulnerability lies in the practicality of its solution; while a secure carrier like Cape is a necessary step, it cannot single-handedly fix a global infrastructure that is fundamentally broken. The reader must watch for whether the administration and private sector can move beyond awareness to the difficult, expensive work of rebuilding the world's communication backbone before the next conflict turns it into a graveyard of data.