We've know for a while that the A5/1 encryption used by most carriers is vulnerable to exploitation, especially since they seemed not to care at all about its vulnerabilities, but now it looks like the system has been cracked to the extent that the U.S. National Security Agency (NSA), and presumably other intelligence agencies around the world, can listen in on and read our private conversations and text transmissions. The Washington Post:
The extent of the NSAโs collection of cellphone signals and its use of tools to decode encryption are not clear from a top-secret document provided by former contractor Edward Snowden. But it states that the agency โcan process encrypted A5/1โ even when the agency has not acquired an encryption key, which unscrambles communications so that they are readable.
Experts say the agency may also be able to decode newer forms of encryption, but only with a much heavier investment in time and computing power, making mass surveillance of cellphone conversations less practical.
A5/1 was originally devised in the 1980s for 2G GSM radio, and while many carriers now provide 3G voice channels, they still fall over into 2G often enough for it to be problematic. WaPo states that 80% of worldwide calls still use the old, or no, encryption. The leaked documents do not provide any information on CDMA network vulnerabilities.
There's no Voice over LTE (VoLTE) yet, but when that technology gets deployed, better encryption should proliferate along with it. A5/3, for example, requires 100,000 times the compute power to attack. AT&T already provides better encryption on 3G, but will be upgrading "parts" of its 2G network to A5/3 as well.
Regardless of how you feel about government surveillance, these exploits never remain solely in the hands of governments, or of people who we would trust with our private conversations, texts, and data. Should the carriers be doing more? Should the manufacturers and service providers be doing more? How important is your privacy?
Review: Elevate your workspace with FlexiSpot EG1 Standing Desk
The FlexiSpot EG1 Standing desk is an electric, height adjustable desk equipped with dual cord management holes โ a must for every workspace.
Portless iPhone 13 to use 'Internet Recovery' for restoring, claims leak
A new report claims that Apple plans to use a feature called 'Internet Recovery' to allow users to restore the portless version of the iPhone 13 should they run into any problems with the device.
Apple developers despair as DTK rebate offers vary worldwide
Apple has confirmed to developers they must return their Developer Transition Kit's to the company by March 31, however many developers worldwide seem upset they aren't getting a full rebate of $500 US developers are.
Webcam hacking is real, but you can protect yourself with a privacy cover
Worried people might be looking in through your webcam on your MacBook? No worries! Here are some great privacy covers that will protect your privacy.