New Intercept article based on Snowden release shows that cell phone communication protection by encryption between your device and the cell network has been compromised for years.
Just like I tell people, email is like a postcard; cell phones are glorified
walkie-talkies. The days that you had a single circuit from your phone to
your caller’s is long gone with land lines, why would you expect it with
cell phones? And considering the usage of cell phones for ALL sorts of
activities, the desire to be able to listen in would be great.
Our “adversaries” already knew we listen to their cell phones; thus the word
codes and burn phones, and the TLAs are applauded for their technical
wizardry. Why is anyone surprised they can listen in to cell phones in
other parts of the globe?
This just illustrates Snowden’s comments to Schneier about having the keys
to decyrpt traffic in real time instead of having to crack keys on an
individual basis.
Stingrays, SIM keys, …. why in the world would anyone think a radio is secure communications without real effort?
More and Link below. Good article with excellent explanations.
Ridge
————–excerpt—————
AMERICAN AND BRITISH spies hacked into the internal computer network of the
largest manufacturer of SIM cards in the world, stealing encryption keys
used to protect the privacy of cellphone communications across the globe,
according to top-secret documents provided to The Intercept by National
Security Agency whistleblower Edward Snowden.
The hack was perpetrated by a joint unit consisting of operatives from the
NSA and its British counterpart Government Communications Headquarters, or
GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the
surveillance agencies the potential to secretly monitor a large portion of
the world’s cellular communications, including both voice and data.
The company targeted by the intelligence agencies, Gemalto, is a
multinational firm incorporated in the Netherlands that makes the chips used
in mobile phones and next-generation credit cards. Among its clients are
AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers
around the world. The company operates in 85 countries and has more than 40
manufacturing facilities. One of its three global headquarters is in Austin,
Texas and it has a large factory in Pennsylvania.
In all, Gemalto produces some 2 billion SIM cards a year. Its motto is
“Security to be Free.”
With these stolen encryption keys, intelligence agencies can monitor mobile
communications without seeking or receiving approval from telecom companies
and foreign governments. Possessing the keys also sidesteps the need to get
a warrant or a wiretap, while leaving no trace on the wireless provider’s
network that the communications were intercepted. Bulk key theft
additionally enables the intelligence agencies to unlock any previously
encrypted communications they had already intercepted, but did not yet have
the ability to decrypt.
As part of the covert operations against Gemalto, spies from GCHQ — with
support from the NSA — mined the private communications of unwitting
engineers and other company employees in multiple countries…….
https:/firstlook.org…
