We've know for a while that the A5/1 encryption used by most carriers is vulnerable to exploitation, especially since they seemed not to care at all about its vulnerabilities, but now it looks like the system has been cracked to the extent that the U.S. National Security Agency (NSA), and presumably other intelligence agencies around the world, can listen in on and read our private conversations and text transmissions. The Washington Post:
The extent of the NSA’s collection of cellphone signals and its use of tools to decode encryption are not clear from a top-secret document provided by former contractor Edward Snowden. But it states that the agency “can process encrypted A5/1” even when the agency has not acquired an encryption key, which unscrambles communications so that they are readable.
Experts say the agency may also be able to decode newer forms of encryption, but only with a much heavier investment in time and computing power, making mass surveillance of cellphone conversations less practical.
A5/1 was originally devised in the 1980s for 2G GSM radio, and while many carriers now provide 3G voice channels, they still fall over into 2G often enough for it to be problematic. WaPo states that 80% of worldwide calls still use the old, or no, encryption. The leaked documents do not provide any information on CDMA network vulnerabilities.
There's no Voice over LTE (VoLTE) yet, but when that technology gets deployed, better encryption should proliferate along with it. A5/3, for example, requires 100,000 times the compute power to attack. AT&T already provides better encryption on 3G, but will be upgrading "parts" of its 2G network to A5/3 as well.
Regardless of how you feel about government surveillance, these exploits never remain solely in the hands of governments, or of people who we would trust with our private conversations, texts, and data. Should the carriers be doing more? Should the manufacturers and service providers be doing more? How important is your privacy?
We may earn a commission for purchases using our links. Learn more.
Developer interview: Steve Troughton-Smith talks iOS 14, WWDC, and more
We caught up with Steve Troughton-Smith to talk about WWDC as a remote conference, and his hopes and dreams for iOS 14.
Apple loses appeal in Italy over iPhone slow down scandal
A court in Italy has upheld a ruling that Apple slowed down iPhones unlawfully, for which Apple was made to pay 10 million euros in fines.
Apple unveils 'Ted Lasso' first look for TV+, debuting August 14
Apple has given its first look at TV+ comedy 'Ted Lasso', which it has announced will debut on August 14.
Webcam hacking is real, but you can protect yourself with a privacy cover
Worried people might be looking in through your webcam on your MacBook? No worries! Here are some great privacy covers that will protect your privacy.