Snowden leaks...
... the gift that keeps on giving. Happy Xmas and welcome to the club GSMA.
Mobile carrier club the GSMA has hit back against the latest round of Snowden claims, saying it can't find any evidence of “active targeting or compromise of GSMA systems, communications and stored documentation”. When The Intercept first ran its accusation – that the NSA and GCHQ successfully broke into the traffic of more …
Haven't the Chaos club been demonstrating interceptions of GSM for years?
My memory may be faulty, but they also pointed out that while they coudn't (at the time) break the better 3G encryption, hardly any carrier used it anyway...
Do any of these companies and groups really think they are fooling anyone when they issue such specific denials? Every one leaves the door open for them working with the NSA/GCHQ in some way.
The question we want answered - the only question - is whether these companies and groups were complicit in the gathering of information that ended up with the NSA or GHCQ.
Any response that answers some different question does next to nothing to reassure people.
Dan1980, the weasel words will come from the mouths of Corporate Lawyers and they'll be weasel words for one of two reasons. (1) They have a gun to their head and have to cooperate: (2) They wish to make damn sure that no one, now matter how it becomes twisted in a court of law, will be able to come back at their firm for any reason whatsoever. The first is simple self-interest. Come to think of it, so is the second.
Frankly, I don't envy any of them. I'll just stay in my Dragon's Lair, smoke far too much, and play with my cybernetic treasures, thank you.
thank you for your question, "whether these companies and groups were complicit in the gathering of information that ended up with the NSA or GHCQ." I considered answering as socially I have met many of the engineers/security bods working in this area and so I feel unable to answer your question directly as I believe it is illegal under the UK Official Secrets Act 1989, even under Public Interest Defence, to name any serving UK intelligence officers.
Yes; proprietary algorithms that were only made available to specified individuals who could persuade ETSI they had a need to know. And key lengths that everybody in the business knew had been deliberately made far shorter than necessary. In other words, just enough to stop anyone with a scanner recording Princes' dodgy phone calls to their mistresses, but not enough to seriously impede the security services.
I think allegedly the French were co-involved with the Germans in having a covertly 54bit key-length instead of the '64bit' (ten of the digits in GSM A5/1 key have always been zeroes, in all known deployments) This was adequate on release, 25 years ago, to ensure privacy & security against external threats, but it isn't now!
I can easily decrypt GSM A5/1 with my two terabyte look-up table, or downgrade a call to A5/0 or A5/2, in my anechoic chamber. The GSMA's own statistics show that now around 95% of the planet have access to an A5/2 enabled GSM handset. It is one of the world's biggest ICT standardisation success stories, but it is 'b r o k e n'. NSA/GCHQ have also broken A5/3 and LTE (which is reasonable, for national security reasons) my worry is that ANYONE can eavesdrop on GSM & A5/2, with simple hardware. (http://www.rtl-sdr.com/tag/gsm/) entry-level $13 on ebay
Particularly since only the last bit of the call is only encrypted. If you are an attacker on the network, you can easily get all the data, including the location of your victim. In fact you can even reprogram their SIM-card.
In fact you can even use a few synced SDRs and get the precise location of every caller in your neighbourhood. You simply determine the time of arrival of the data bursts and know where the mobile station is.