Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

NSA steals SIM card encryption keys from largest manufacturer Gemalto

Options

Comments

  • Options
    #2
    Shannon757
    Closed Accounts Posts: 22,847 ✭✭✭✭Shannon757


    Snowden didn't tell us that did he?


  • Options
    #3
    dalta5billion
    Registered Users Posts: 1,034 ✭✭✭dalta5billion


    Shannon757 wrote: »
    Snowden didn't tell us that did he?

    Excellent point. I've wondered about the ethics of Greenwald holding back on information- that is, unless there's another leak.


  • Options
    #4
    industrialhorse
    Registered Users Posts: 203 ✭✭industrialhorse


    Have you'se ever stopped to consider that Snowden probably got his hands on as much information as he could at that time but other NSA projects (like this!) may have been in their earliest stages and had their data stored on the local drives of direct employee's machines or at a much higher level of access than Snowden was afforded?


  • Options
    #5
    dalta5billion
    Registered Users Posts: 1,034 ✭✭✭dalta5billion


    industrialhorse wrote: »
    Have you'se ever stopped to consider that Snowden probably got his hands on as much information as he could at that time but other NSA projects (like this!) may have been in their earliest stages and had their data stored on the local drives of direct employee's machines or at a much higher level of access than Snowden was afforded?

    Yeah, it's crazy to read of 2010 programmes with no idea of what else they had in store.

    I would guess with the rise of open source crypto they'll be focusing on influencing that by pushing algorithms they know to be flawed, and using more backdoors like the ones we're seeing now.


  • Options
    #6
    Impetus
    Registered Users Posts: 1,667 ✭✭✭Impetus


    Ki keys for millions of SIM cards have been stolen by CIA/GCHQ bh. hackers. Cards made by Gemalto (NL) are known to be compromised.

    The Ki code is used in the encryption and authentication process for mobile phone calls. Access to these codes enable snoops to listen to mobile phone traffic (eg using fake cellsites or co-operating mobile networks). I would have thought that mobile phones issued to senior government and political figures are a key target.

    Cards used by networks based in Ireland, Iceland, India, Yemen, Afghanistan, Iran and Somalia are included in the Ki theft, according to Ars.

    Gemalto produce about 2 billion SIM cards per annum.

    Depending on the network, some SIMs have the manufacturer’s logo. Gemalto’s shares are down about 7% since yesterday’s close -
    http://www.aex.nl/nl/products/equities/NL0000400653-XAMS/quotes

    http://www.faz.net/aktuell/politik/snowden-dokumente-nsa-knackt-verschluesselung-von-sim-karten-13439240.html

    http://arstechnica.com/tech-policy/2015/02/sim-card-makers-hacked-by-nsa-and-gchq-leaving-cell-networks-wide-open/

    https://firstlook.org/theintercept/2015/02/19/great-sim-heist/


  • Advertisement
  • Options
    #7
    dbit
    Closed Accounts Posts: 1,322 ✭✭✭dbit


    Ticket to india , a backpack and a tin opener good luck and thanks . There is a spoon and NSA owns them all. :-(


  • Options
    #8
    jmcc
    Registered Users Posts: 7,310 ✭✭✭jmcc


    GSM is not and never was secure.

    Regards...jmcc


  • Options
    #9
    digitalninja
    Registered Users Posts: 455 ✭✭digitalninja


    Shannon757 wrote: »
    Snowden didn't tell us that did he?

    From the article's first line:
    according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.


  • Options
    #10
    dalta5billion
    Registered Users Posts: 1,034 ✭✭✭dalta5billion


    jmcc wrote: »
    GSM is not and never was secure.

    Regards...jmcc

    It most definitely wasn't secure against active attacks. The problem with this breach is that it enabled the NSA and GCHQ to do passive attacks.


  • Options
    #11
    jmcc
    Registered Users Posts: 7,310 ✭✭✭jmcc


    dalta5billion wrote: »
    It most definitely wasn't secure against active attacks. The problem with this breach is that it enabled the NSA and GCHQ to do passive attacks.
    It was not and is not secure. And having the Ki, amongst other data, allows for a lot more than just passive attacks.

    Regards...jmcc


  • Advertisement
  • Options
    #12
    Impetus
    Registered Users Posts: 1,667 ✭✭✭Impetus


    jmcc wrote: »
    GSM is not and never was secure.

    Regards...jmcc

    Agreed. UMTS is more secure. But if you are listening to 2 Mbits/sec of wireless traffic, encrypted, you hae a huge computing requirement to decrypt each channel of traffic, listen to it and examine the C7 data, it taken a lot of computing power, to see if the chatter is of interest or background noise. However, if you have the keys, it makes the job much simpler. It changes the task from brute force on lots of separately encrypted voice channels to an "open the padlock with the key" job.


  • Options
    #13
    Hotblack Desiato
    Registered Users Posts: 34,022 ✭✭✭✭Hotblack Desiato


    jmcc wrote: »
    GSM is not and never was secure.

    Regards...jmcc

    Never mind arguments over protocols. It has always been extremely foolish to assume the networks are not compromised by the authorities who issue their licences to operate.

    Life ain't always empty.



Advertisement