[Crypto-chi] NSA / GCHQ steal SIM card encryption keys
Freddy Martinez
freddymartinez9 at gmail.com
Sat Feb 21 13:08:08 CST 2015
Hi all.
Thanks joe for pointing out this article to the list [0]. I don't want to
turn this list into only long discussion about news we see. But one
disturbing trend is that these nice folks stole the IMSI / Ki keys of a
frightening amount of SIM cards. While the standard defense is that this is
needed to go after "bad guys", at this point the IMSIs are unassigned and
not even in the carriers hands. Further, the Ki can be used to decrypt any
future and previous GSM traffic. (Combine this with BOUNDLESSINFORMANT or
STELLARWIND and you have a historical wiretap).
But no we shouldn't be assume cell phones are secure anyways.
Tl;Dr install signal or text secure or redphone.
Related: the signal team needs help translating and reviewing strings for
signal 2.0 (the iOS build with TextSecure!) [1]
[0] https://firstlook.org/theintercept/2015/02/19/great-sim-heist/
[1] https://t.co/fMCmGr8uQw
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://groups.sshchicago.org/pipermail/cryptoparty-chi/attachments/20150221/eef1eddf/attachment.html>
More information about the cryptoparty-chi
mailing list