The great SIM Hiest: SIM maker hacked

gjacobse

AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.

nadnerB

@g.jacobse said:

AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.

I was about to post a similar article but the one you posted is much better than the one I read.

nadnerB

AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.

The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data.

Proof that nothing is safe. We are going to have to resort to talking to people in parks and slipping private notes under their coffee mugs if we intend on having secure communications.

gjacobse

Sadly not even that is secure...

I've often thought that anything that is really secure doesn't exist. Has never been thought of, conceptualized or produced. You can use technology to listen in from across a room, yard or field - Look at Super Bowl Games...

nadnerB

And now, ladies and gentlemen, the counter:
Dutch authentication and security vendor Gemalto has acknowledged that its networks were 'probably' broken into by US and UK spy agencies, but said the intrusion did not result in a massive theft of SIM card encryption keys.
 
...
 
The company also noted that the documents leaked by Snowden indicate that other SIM card vendors were targeted by NSA and GCHQ, suggesting encryption keys were also stolen from non-Gemalto customer telcos.
http://www.itnews.com.au/News/400950,gemalto-says-sim-key-heist-happened-but-failed.aspx?eid=1&edate=20150226&utm_source=20150226_AM&utm_medium=newsletter&utm_campaign=daily_newsletter

Dashrender

It's impossible to prove a negative, and their inability to find evidence isn't evidence that they weren't stolen, unfortunately.

nadnerB

@Dashrender said:

It's impossible to prove a negative, and their inability to find evidence isn't evidence that they weren't stolen, unfortunately.

Assume the worst, move to plan B