Mom said: do not trust the phone with a SIM-card

US and UK secret services stole ciphers from a SIM card manufacturer

Late in the evening, the sites of the largest agencies were struck by another interesting technical information. This time, they moved from computer technology to more modern, mobile ones. We must immediately say that the experts have long had doubts about the reliability of SIM-cards. Some just looked into the water (in 2013), not only with SIM cards, but also with Snowden ...



For example, here is a 2013 note: “The sim card is not as well protected as I would like to think. ” Karsten Nohl said: “We can remotely (via SMS) install the program on the victim’s mobile phone, and this program will work completely independent of the phone. We can spy on you. We can get your crypto keys used to encrypt phone calls. We can read your SMS. In addition to just spying, we (also via SMS) can steal critical data about the owner — your mobile identity — from the phone's SIM card and withdraw money from your account. ” AND…



Analyzing his statements, the journalist, the author of the article, remarked (in brackets): “Karsten Zero believes that a defective implementation of Java sandboxes is an oversight and a blunder of the world's leading suppliers of SIM cards (in the top three companies of this series, Gemalto is called Oberthur and Giesecke-Devrier). What exactly is the term to call what these companies do - “oversight”, “incompetence” or, say, “intentional weakening of protection” - this is a very difficult question. Because it’s hard to find and produce the main source of the problem (unless again there is another fighter for the truth, like Snowden or Manning , and does not merge the relevant documents on the Internet.) But, anyway, the weaknesses in the protection of SIM-cards revealed now seem to be more reasonable by chance st ... ".



... And as the water looked. Another scandal associated with the possibilities of information theft is associated with one of these people, and, of course, with the special services.

')

Now, " Tass is authorized to declare ." Not literally, of course, but ... we quote TASS .

Documents of Snowden: US and UK secret services stole ciphers from the SIM card manufacturer

NEW YORK, February 19th. / Corr. TASS Andrei Bekrenev. The US National Security Agency (NSA), engaged in electronic intelligence, and the Office of Government Communications (OOPS) hacked into the computer networks of the world's largest manufacturer of SIM cards and stole encryption keys used to protect cell phone conversations from unauthorized access. This is stated in the secret documents of the special services of Great Britain, transmitted to the media by a former employee of the CIA and the NSA, Edward Snowden, and published by The Intercept online edition.



As the newspaper writes, Gemalto based in the Netherlands, producing chips for mobile phones and bank cards, was attacked. Its customers include about 450 mobile operators worldwide, including US AT & T, T-Mobile, Verizon and Sprint.



“The hacking of computer networks was carried out by a joint unit, which included employees of the NSA and UPS. As a result of the attack, information about which is contained in a secret document of the UPS, dated 2010, intelligence agencies were able to secretly track a significant part of cellular communications in the world, including conversations and call data, ”reports The Intercep.



As the newspaper notes, thanks to the ciphers stolen, the special services can monitor mobile phone conversations without requesting permission from telecommunications companies, authorities and judicial instances.



According to representatives of Gemalto, the company did not know anything about the penetration of special services into its systems until The Intercept contacted them. “I am very concerned. The most important thing for us now is to assess the scale of the incident and understand how this happened in order to prevent a repetition of this, ”said Gemalto Executive Vice President Paul Beverly.

It seems that in various organizations, communities and circles that do not like publicity of their connections, there will be a big commotion. One can hope that the Russian special services, working with Snowden, knew a little earlier than we did, how important was the information open to the public now.

• The original source of the news (a very large article; the text from TASS is only the beginning of it and the essence of what is happening; then - details of the history of the development of SIM-cards technology and an assessment of the scale of special services, based on data in secret documents, details of hacks and interests of services):
  
  The Great SIM Heist. How Spies is the Castle to the Encryption Castle? (English) (link provided by a5b , thanks to him).
• A similar story 2 days ago , on hard drives.