My mother said: do not trust the phone with a SIM card

US and UK intelligence agencies steal ciphers from manufacturer of SIM-cards

Late in the evening, the sites of the largest agencies were struck by another interesting technical information. This time, we switched from computer technology to more modern, mobile ones. We must immediately say that specialists have long had doubts about the reliability of SIM-cards. Some looked just like into the water (in 2013), not only with SIM cards, but also with Snowden ...

For example, here is a note from 2013: "The SIM card is far from being as well protected as I would like to think"Karsten Nohl said:“ We can remotely (via SMS) install the program on the victim’s mobile phone, and this program will work completely independently of the phone. We can spy on you. We can get your cryptographic keys used to encrypt phone calls "We can read your SMS. Besides just spying, we (via SMS) can also steal critical information about the owner - your mobile identity - from our phone’s SIM card and withdraw money from your account." And ...

Analyzing his statements, the journalist, the author of the article, noted (in brackets): “Karsten Zero believes that a defective implementation of Java sandboxes is an obvious oversight and a mistake of the world's leading SIM card providers (Gemalto is commonly called the top three companies in this series, Oberthur and Giesecke-Devrier). What the term “company oversight”, “incompetence”, or, say, “deliberate weakening of protection” is called by what term, is a very difficult question. It’s unlikely that anyone will be able to find and present the main source of the problem (unless again there is another fighter for the truth, like Snowden or Manning, and will not merge the relevant documents on the Internet). But be that as it may, the weaknesses that have been revealed in the protection of SIM cards that are now more reasonable seem to be considered by no means an accident ... ".

... And they looked into the water. Another scandal related to the possibility of information theft is associated with one of named people, and, of course, with special services.

Now, “ TASS is authorized to declare .” Not so literally, of course, but ... we quote TASS .

Snowden's docs: US and UK intelligence agencies steal ciphers from SIM card manufacturer

NEW YORK, February 19. / Corr. TASS Andrey Bekrenev. The United States National Security Agency (NSA), an electronic intelligence agency, and the Office of Government Communications (OOPS) hacked into the computer networks of the world's largest SIM card manufacturer and stole the encryption keys used to protect cell phone conversations from unauthorized access. This is stated in the secret documents of the British special services, transferred to the media by a former CIA and NSA officer Edward Snowden and published by The Intercept online edition.

According to the publication, the attack was carried out in the Netherlands-based company Gemaltoproducing chips for mobile phones and bank cards. Its customers are about 450 mobile operators worldwide, including US AT&T, T-Mobile, Verizon and Sprint.

“Hacking of computer networks was carried out by a joint unit, which included employees of the NSA and UPS. As a result of the attack, information about which is contained in a secret document of the UPS, dated 2010, the intelligence agencies were able to secretly track a significant part of the cellular communications in the world, including conversations and data on calls, ”The Intercep reports.

According to the publication, thanks to the stolen ciphers, special services can monitor conversations on mobile phones without requesting permission for this from telecommunication companies, authorities and judicial instances.

According to Gemalto representatives, the company did not know anything about the penetration of special services into its systems until The Intercept contacted it. “I am very worried. Now the main thing for us is to assess the scale of what happened and understand how it happened in order to prevent a similar occurrence, ”said Paul Beverly, Gemalto Executive Vice President.

It seems that in various organizations, communities and circles that do not like the publicity of their ties, a great commotion will begin. We can hope that the Russian special services, working with Snowden, knew a little earlier than we did, how weighty was the information that was open to the public now.

• The source of the news (a very large article; the text from TASS is just the beginning of it and the essence of what is happening; hereinafter - details of the history of the development of SIM card technology and estimates of the scale of the activities of special services, based on data in secret documents, details of hacks and interests of services):
  The Great SIM Heist. How Spies Stole the Keys to the Encryption Castle? (English) (link provided by a5b , thanks to him).
• A similar story 2 days ago , on hard drives.