Results 1 to 6 of 6

Thread: How the NSA Stole the Keys to Your Phone

  1. #1

    How the NSA Stole the Keys to Your Phone

    February 20, 2015 By Julian Sanchez

    A blockbuster story at The Intercept Thursday revealed that a joint team of hackers from the National Security Agency and its British counterpart, the Government Communications Headquarters (GCHQ), broke into the systems of one of the world’s largest manufacturers of cell phone SIM cards in order to steal the encryption keys that secure wireless communications for hundreds of mobile carriers—including companies like AT&T, T-Mobile, Verizon, and Sprint. To effect the heist, the agencies targeted employees of the Dutch company Gemalto, scouring e-mails and Facebook messages for information that would enable them to compromise the SIM manufacturer’s networks in order to make surreptitious copies of the keys before they were transmitted to the carriers. Many aspects of this ought to be extremely disturbing.

    First, this is a concrete reminder that, as former NSA director Michael Hayden recently acknowledged, intelligence agencies don’t spy on “bad people”; they spy on “interesting people.” In this case, they spied extensively on law-abiding technicians employed by a law-abiding foreign corporation, then hacked that corporation in apparent violation of Dutch law. We know this was hardly a unique case—one NSA hacker boasted in Snowden documents diclosed nearly a year ago about “hunting sysadmins”—but it seems particularly poetic coming on the heels of the recent Sony hack, properly condemned by the U.S. government. Dutch legislators quoted in the story are outraged, as well they should be. Peaceful private citizens and companies in allied nations, engaged in no wrongdoing, should not have to worry that the United States is trying to break into their computers.

    Second, indiscriminate theft of mobile encryption keys bypasses one of the few checks on government surveillance by enabling wiretaps without the assistance of mobile carriers. On the typical model for wiretaps, a government presents the carrier with some form of legal process specifying which accounts or lines are targeted for surveillance, and the company then provides those communications to the government. As the European telecom Vodaphone disclosed last summer, however, some governments insist on being granted “direct access” to the stream of communications so that they can conduct their wiretaps without going through the carrier. The latter architecture, of course, is far more susceptible to abuse, because it removes the only truly independent, nongovernmental layer of review from the collection process. A spy agency that wished to abuse its power under the former model—by conducting wiretaps without legal authority or inventing pretexts to target political opponents—would at least have to worry that lawyers or technicians at the telecommunications provider might detect something amiss. But any entity armed with mobile encryption keys effectively enjoys direct access: they can vacuum up cellular signals out of the air and listen to any or all of the calls they intercept, subject only to internal checks or safeguards.
    ...
    Finally, this is one more demonstration that proposals to require telecommunications providers and device manufacturers to build law enforcement backdoors in their products are a terrible, terrible idea. As security experts have rightly insisted all along, requiring companies to keep a repository of keys to unlock those backdoors makes the key repository itself a prime target for the most sophisticated attackers—like NSA and GCHQ. It would be both arrogant and foolhardy in the extreme to suppose that only “good” attackers will be successful in these efforts.
    http://www.cato.org/blog/how-nsa-stole-keys-phone
    Last edited by robert68; 02-21-2015 at 01:50 AM.



  2. Remove this section of ads by registering.
  3. #2

    'The Great SIM Heist
    How Spies Stole the Keys to the Encryption Castle
    '
    AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.

    The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data.
    ...
    Last edited by robert68; 02-21-2015 at 01:54 AM.

  4. #3
    I'll do anything to stay safe. They're keeping us safe! /s

  5. #4

  6. #5
    What other companies out there produce SIM cards besides Gemalto?

  7. #6
    Quote Originally Posted by charrob View Post
    Here's an earlier thread on this with additional info: http://www.ronpaulforums.com/showthr...22#post5789122 .
    Thanks!



Similar Threads

  1. Ancel Keys
    By ThePenguinLibertarian in forum Personal Health & Well-Being
    Replies: 0
    Last Post: 08-16-2013, 08:48 AM
  2. The Keys to Success
    By Lisa100 in forum Ron Paul Forum
    Replies: 0
    Last Post: 01-14-2012, 05:16 PM
  3. They stole the Tea Parties, now they stole the Moneybombs
    By AdamT in forum U.S. Political News
    Replies: 20
    Last Post: 03-24-2010, 08:27 AM
  4. This may be too Late - USB Keys?
    By slamhead in forum Grassroots Central
    Replies: 10
    Last Post: 01-06-2008, 10:40 PM
  5. Florida Keys - Well Done!
    By uflnuceng in forum Florida
    Replies: 0
    Last Post: 01-02-2008, 04:45 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •