Forward encryption anyone? I've heard it said that phones don't have the processing power to do that... I call bullshit, but if anyone knows otherwise?
SIM hack scandal biz Gemalto: Everything's fine ... Security industry: No, it's really not
Six days ago Gemalto, the world's largest SIM card manufacturer, was told that back in 2010 it had been ransacked by NSA and GCHQ hackers. Today the company gave itself the all-clear: no encryption keys, used to secure phone calls from eavesdroppers, were stolen, it claims. Yet the IT security industry is not so sure. …
COMMENTS
-
-
Thursday 26th February 2015 09:57 GMT psyq
I very much doubt it has anything to do with the performance; even at the time of standardization of 4G, phones had more compute performance than PCs from the 90s, in miniature / low-power form.
The elephant in the room is the incompatibility of the worldwide mobile standard set by an intergovernmental entity with the desire of governments to be able to intercept their (and other) citizens' communications.
In the ideal world, a modern telephony standard would maintain forward secrecy and the voice data would never be transmitted unencrypted, with the keys tied only to the handsets themselves and overridable by the users of said handsets. This way, data which goes through the switching office would be perfectly useless from the point of view of the contents. It is not realistic to expect that the international public telecommunication standard insists on further secrecy, like mechanisms for preventing locating the originator and the destination of the call.
But even "just" secrecy of the contents, not so-called "meta"data, is simply against laws set up in most countries nowadays which require an ability to do covert listening (after court order or with less oversight, depending on the country).
So, no, there will be no forward secrecy in a public telephony standard.
-
-
Thursday 26th February 2015 00:24 GMT Anonymous Coward
The good news is...
If Gemalto actually gets its sales taken down because of loss of confidence in the marketplace caused by their penetration by the NSA/GCHQ, then that is going to put the fear of God into tech companies around the world, who will quite understandably fear that the same thing will happen to them.
A) Much less likely to work with the NSA/GCHQ/other sigint agencies. Let's face it, these agencies are bad actors who are REALLY hurting tech companies. They can pull their cloak-and-dagger crap, but the tech industry should ACTIVELY oppose them in doing so.
B) A little less likely to seek defense contracts, which quite possibly come with real or market-perceived strings attached. So hopefully this will starve defense establishments a little bit on the tech side and increase the pain to various DoD/defense ministries who could previously support sigint agencies' behavior on a nearly cost-free basis.
C) Increased pressure from the global tech industry on political leaders to get these agencies back in line.
It's a shame, because we do need sigint and militaries. However, it really looks like these sigint agencies are out of control. You can't crap all over the tech industry by damaging products/brands/standards/trust/revenue streams and then expect that the industry is just going to sit there and take it while these agencies tear down what the industry has spent the last 60 years building.
-
Thursday 26th February 2015 00:40 GMT PleebSmash
The Intercept vs. Gemalto
https://firstlook.org/theintercept/2015/02/19/great-sim-heist/
https://firstlook.org/theintercept/2015/02/25/gemalto-doesnt-know-doesnt-know/
Since commentards like user 72594 are still getting it dead wrong, I'll preemptively remind everyone that this is The Intercept's reporting (Jeremy Scahill and Josh Begley), not "Snowden... post[ing] a scare story."
-
Thursday 26th February 2015 05:24 GMT Christian Berger
Of course they need to say that...
Just imagine Gemalto admitting to their keys being stolen, whenever my mobile phone company sends me a bill I could always say, "It wasn't me who did those phone calls, it was the person Gemalto gave the key to".
And that's what the security of GSM tries to protect. Making it a bit harder to eavesdrop on calls is just a side effect; the real problem it tries to solve is that people just clone other people's SIM cards to make calls they don't pay for.
-
-
Thursday 26th February 2015 09:35 GMT Gotno iShit Wantno iShit
It's a shame so much ire is being directed at the victim of this attack and not the perpetrators.
1) Spies spy, it's what they do.
2) This attack is not the same as mass hoovering of metadata; the keys taken cannot be used indiscriminately because they are only used between the handset and base station.
3) Any attempt at mass hoovering would require intercept equipment in the vicinity of every cell site in the target country. Impractical.
4) An attack using these keys forces the handset to drop to 2G, if that were happening on a mass scale someone would notice.
5) These spies have no need of the keys for targets in friendly countries, they can simply request an intercept.
So this raiding party facilitates targeted attacks against parties of interest in unfriendly countries. Pretty much what GCHQ and the NSA ought to be up to.
What I am left wondering is why within the EU they needed to go on a raiding party. It should have been possible to acquire what they needed via gagged court orders. Did they suspect a leak that would reveal their actions should they take the legal route?
-
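The two points above, psyq's wish for forward secrecy in a telephony standard and the claim that a stolen SIM key is only usable between handset and base station, can be put side by side in code. This is an added illustration, not anything from the article or the commenters: the operator-specific A3/A8 algorithms are replaced by an HMAC stand-in and the Diffie-Hellman group is a toy one, both assumptions made only so the example runs.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the operator-specific A3/A8 algorithms: derive the
# 32-bit SRES and 64-bit Kc from Ki and RAND. (Assumption: real A3/A8 are
# operator-defined; HMAC-SHA256 is used here only so the example runs.)
def a3_a8(ki: bytes, rand: bytes):
    d = hmac.new(ki, rand, hashlib.sha256).digest()
    return d[:4], d[4:12]  # (SRES, Kc)

def gsm_session(ki: bytes, rand: bytes = b""):
    """GSM-style challenge: network sends RAND, SIM answers SRES, both derive Kc.
    Returns what the air interface carries (the 'captured' view) and Kc."""
    rand = rand or secrets.token_bytes(16)
    sres, kc = a3_a8(ki, rand)
    return {"rand": rand, "sres": sres}, kc

def kc_from_stolen_ki(ki: bytes, captured: dict) -> bytes:
    """Whoever holds Ki recomputes Kc from the passively observed RAND alone,
    for any call, past or future, made with this SIM: no forward secrecy."""
    return a3_a8(ki, captured["rand"])[1]

# Toy Diffie-Hellman group (assumption: a real design would use a standard
# group or an elliptic curve; 2**127-1 is used only to keep this short).
P = 2**127 - 1
G = 5

def fs_session(ki: bytes):
    """Forward-secret variant: each side picks an ephemeral exponent, the
    long-term Ki only authenticates the public values, and Kc is derived from
    the ephemeral shared secret. Returns the captured transcript and both
    sides' Kc, which must agree."""
    a, b = secrets.randbelow(P - 2) + 1, secrets.randbelow(P - 2) + 1
    ga, gb = pow(G, a, P), pow(G, b, P)
    transcript = ga.to_bytes(16, "big") + gb.to_bytes(16, "big")
    tag = hmac.new(ki, transcript, hashlib.sha256).digest()[:8]
    captured = {"ga": ga, "gb": gb, "tag": tag}
    kc_handset = hashlib.sha256(pow(gb, a, P).to_bytes(16, "big")).digest()[:8]
    kc_network = hashlib.sha256(pow(ga, b, P).to_bytes(16, "big")).digest()[:8]
    return captured, kc_handset, kc_network

def holder_of_ki_can(ki: bytes, captured: dict) -> dict:
    """With Ki plus the transcript, an eavesdropper can confirm the exchange
    was authentic, but holds neither ephemeral exponent, so the shared secret
    and hence Kc are out of reach; 'derive_kc' stays None on purpose."""
    transcript = captured["ga"].to_bytes(16, "big") + captured["gb"].to_bytes(16, "big")
    expected = hmac.new(ki, transcript, hashlib.sha256).digest()[:8]
    return {"verify_tag": hmac.compare_digest(expected, captured["tag"]),
            "derive_kc": None}
```

In the first model a key database leak retroactively exposes every recorded call; in the second it exposes only the ability to impersonate in future sessions, which is a detectable, revocable problem rather than a silent one.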
Thursday 26th February 2015 10:38 GMT Anonymous Coward
Noooooo. You can't just 'request an intercept' - there is a test of necessity and proportionality to be made and passed. Mass hoovering of keys including those for individuals for which there is no necessity is AGAINST THE LAW. In the UK anyways. It is mass hoovering.
Don't confuse what the legislation says with what those cheeky-eccentric-pipe-smoking-mis-matched-slippers good-ol-english-fair-play-n-cricket only-peeking-at-johnny-foreigner chappies at Cheltenham are supposed to get up to.
This 'intelligence' hasn't stopped ISIS. It hasn't stopped radicalisation events. It might've stopped terrorist attacks but we just don't know the usefulness proportion of hoovered data versus other forms of intelligence.
Hey - spies spy! Yeah and eaters eat and drinkers drink! What's your point?
-
-
Thursday 26th February 2015 15:35 GMT streaky
It's a shame so much ire is being directed at the victim of this attack and not the perpetrators.
Whether Gemalto are making themselves an easy target with clumsy PR shouldn't take away from the fact of what really happened here.
The problem is the NSA/GCHQ OP has exposed them for a sham. It's not clumsy PR, it's share price first, security second. From a company that sells crypto products to the financial sector, amongst others.
Initially it's GCHQ/NSA's fault; we could have been living in ignorance for decades about this. The UK government should be made to pay via a case at the ECJ for financial damage done to the state and costs to rebuild Gemalto with proper procedures in place and the recall/revoke/reissue of all the company's crypto products and keys.
That last part is where this story gets sketchy because that isn't what's going to happen, and investors have displayed fairly shocking ignorance over these events. Share price is higher today than when the revelations first aired in public, which is just frightening. They're basically claiming that they fought off arguably the two most capable offensive hacker orgs on the planet and won and nobody sensible should believe them.
-
-
Thursday 26th February 2015 08:02 GMT tom dial
The Gemalto claim that IMSI/Ki data were not stolen from their internal network may be correct, especially if the internal networks where they generate and manage keys are, as they state, isolated from the public internet and they can establish with reasonable certainty that they were not breached.
The basis for the Intercept's claim seems to be rather insubstantial, consisting of a bullet point on a single Powerpoint slide. Most of the article depends on a management report about a moderately successful research program ("compares favourably with manual results") to collect such information from bulk internet data. Several other items suggest that GCHQ (and perhaps NSA) wanted to get this data directly from the source, but no real indication that they actually were able to do so.
-
Thursday 26th February 2015 08:35 GMT Sir Runcible Spoon
Sir
"isolated from the public internet"
Are you aware of how many ways that could be interpreted? I can think of half a dozen off the top of my head which would mean that the servers could be cracked whilst still maintaining the 'truth' of that statement.
It's just PR shite to save their stock price or to try and stem the flow of people asking for new SIMs free of charge with new keys.
-
Thursday 26th February 2015 15:40 GMT streaky
especially if the internal networks where they generate and manage keys are, as they state, isolated from the public internet and they can establish with reasonable certainty that they were not breached
They didn't state this - they said their network is like something to do with onions and that they got into their office network and no further, which is fairly obviously nonsense.
-
-
-
Thursday 26th February 2015 11:38 GMT Anonymous Coward
Re: Stupid Question
It's slippery PR working.
The keys were stolen, but not from the "high security Gemalto network" where they were created.
So that limits the possibilities to:
- the keys were stolen somewhere within Gemalto that is not considered part of the high security network
- the keys were intercepted in transit between Gemalto and customers
- the keys were stolen at customer networks
- all of the above
- large scale key interception was a concept that never delivered large quantities of keys
- this was a NSA/GCHQ thought exercise and no actual theft occurred
And there are probably more options.
My guess is that the NSA/GCHQ obtained a lot of keys somehow (PR denies something, so assume the opposite is true) and if they all came from Gemalto, then the source is likely to be within Gemalto, based on the number of telcos supposedly compromised, rather than breaches at every telco/transit medium.
-
Thursday 26th February 2015 21:15 GMT tom dial
Re: Stupid Question
The Intercept says GCHQ and NSA hacked Gemalto's network, and the grammar in the lead paragraph says they stole keys from there. They point, in the second paragraph to a document they say details the operation, a PowerPoint slide in which the sole reference to Gemalto is:
"- GEMALTO - successfully implanted several machines and believe we have their entire network - TDSD are working the data"
Not a lot of detail, and not overly supportive of a claim that they succeeded in getting anything specific. The note containing the remark “very happy with the data so far and [was] working through the vast quantity of product”, said to accompany the slide did not accompany the article - perhaps it was in the blacked-out area of the slide. In that context one might ask why a mass grab of IMSI/Ki data from the source would require any "working through" worth mentioning.
None of the documents linked in the article mentions the Mobile Handset Exploitation Team. That isn't to say such documents don't exist or that there is no such group, but it seems odd when many of the other claims have links to related documents, especially as the article says its existence had not previously been disclosed.
The actually meaningful documents linked in the Intercept article describe getting keys by processing mass data collections. They do not state that all, or even a significant fraction, of the IMSI/Ki data was for Gemalto SIMs, although given Gemalto's size many certainly would have been. The number of keys reported in the documents to have been obtained was in the order of a half million, compared to Gemalto's reported (in the Intercept article) two billion annual SIM card production. Most of the documents derived from this one:
https://firstlook.org/theintercept/document/2015/02/19/pcs-harvesting-scale/
which describes obtaining IMSI/Ki pairs by examining data intercepted in transit between vendors and carriers or between different carriers. One of the other documents, so called, appears to be an excerpt from a document describing goals:
https://firstlook.org/theintercept/document/2015/02/19/dapino-gamma-cne-presence-wiki/
We may reasonably think the agencies desired direct access to Gemalto's and others' key management facilities, but not that they succeeded in getting them.
There seems generally to be a nearly total lack of scepticism about any claim of NSA, GCHQ, or other Five Eyes sins so long as it makes reference to a document that Edward Snowden is said to have provided.
-
-
Thursday 26th February 2015 16:18 GMT WatAWorld
Re: Stupid Question
"If the keys were on a network not connected to the internet then how did they get them to their customers?"
Read up on Stuxnet.
Read up on the Equation Group (The Register hasn't covered this story much).
http://observer.com/2015/02/equation-group/
In plain terminology, usually enemy spies put stuff on internet-connected computers that gets hand-carried over to the victim's non-internet connected computers via disks or USB sticks.
There is also a history of some national intelligence agency intercepting US mail to alter conference proceedings CDs. So intercepting the physical transfer of information by mail or courier.
But they can also do spying via monitoring energy usage or physically copying the contents of the non-internet connected computers.
Nothing you can imagine as possible is impossible for the major state-sponsored spy agencies.
It does not matter how much care you take, the NSA, GCHQ, their Russian, Israeli, French and Chinese counterparts can get at your stuff if they decide you are a target.
-
Thursday 26th February 2015 21:40 GMT tom dial
Re: Stupid Question
Although they might be a good start, Stuxnet and exploits such as attributed to the Equation Group are not well suited to extraction and exfiltration of targeted information from a network that is properly isolated, either physically or logically, from the public internet.
It may be that Gemalto was thoroughly owned and every SIM they produced in the last four or five years is compromised. The Intercept does not exactly say that, but certainly hints at it. However, it also is possible that any hack was, as Gemalto stated, limited to computers connected to their public facing network and that the IMSIs and keys were not compromised except during transfers. Either statement is logically compatible with the documents to which the Intercept article links.
-
-
Friday 27th February 2015 14:12 GMT Tom 13
Re: Stupid Question
Yes.
That is after all how RSA and others ship physical keys. And if you're building that sort of structure, you buy your PCs and servers, build them out in an isolated secure room, never connect them to the internet, and only use the system to generate the keys, which are then carried out of the room on whatever media they use. So long as the only thing touching the isolated network is the media receiving the keys, you have a reasonable level of confidence it wasn't breached.
-
-
Thursday 26th February 2015 13:01 GMT Anonymous Coward
Do we have admission of the attacks?
Because if we do, then the agents, their superiors, the civil servants and the MPs involved should all be brought up on criminal charges.
There is no excuse for this action. None.
People should not live in fear of their own governments, governments should live in fear of their voters.
-
-
Thursday 26th February 2015 16:57 GMT Keith 12
They don't really have any other choice ...
An immediate 10% drop in share price with the revelations didn't leave the company with any other choice but to deny the keys were compromised.
2 billion SIM cards annual production - let's have a class action as regards our privacy, say various action groups; I want a new one free of charge, I want my money back, etc. etc. - a total nightmare for the company concerned. We all know that the T&Cs will prevent any of this happening, but the media attention alone ...
It's the same old, I'm afraid: CPU / Motherboard / Drives (add your product or service here) - there is absolutely no problem with our product / service, says the supplier (ISPs used to be really good at this) - until it turns out there WAS a problem but it's now fixed.
Just today, a large Hosting provider notes there is an "unknown" e-mail issue in their service update page - nah, it's not "unknown" at all - at least one of your Mail Servers is currently blacklisted ...
-
Thursday 26th February 2015 17:24 GMT Anonymous Coward
HSM?
I don't know much about Gemalto but surely they must use HSMs and secure rooms etc for key storage?
If so, any breach of their corporate network shouldn't lead to the keys being compromised. Unless of course access can be gained to the HSMs...
Maybe Gemalto could verify that the HSM environment wasn't breached?
-
Thursday 26th February 2015 21:53 GMT tom dial
It is interesting that these articles and comments always seem to come back to the NSA. In the documents the Intercept article linked, in fact, the only occurrence of "NSA" was in connection with GCHQ referring recovered IMSI/Ki data for Somali carriers to them, since GCHQ had little interest in it. The article made additional statements not supported by links to documents.
Certainly the NSA has been up to a lot, but in this case the actor appears to have been GCHQ.