Archive for UK

Newer Entries »

Gemalto To Planet Earth: You Have Nothing To Worry About

Posted in Commentary with tags , , on February 25, 2015 by itnerd

As promised, Gemalto held a press conference today to respond to a report that they were hacked by U.K. and U.S. intelligence types and encryption codes that would let them spy on smartphone users were stolen. Now News.com has a pretty comprehensive report. But it can be summed up like this:

“The attacks against Gemalto only breached its office networks and could not have resulted in a massive theft of SIM encryption keys,” Gemalto said in a statement at a press conference held in response to a report in the Intercept alleging a massive theft by the US National Security Agency and UK Government Communications Headquarters. The report said millions of SIM card encryption keys had been stolen through the joint NSA and GCHQ operation.

Gemalto then lays out why this is the case. And they also let the world know that 2G networks would be the ones under threat. Both 3G and 4G networks are apparently safe. But the core message is this: There’s nothing to see here. Move along.

Though, they did let this cat out of the bag:

However, Gemalto said, it appears that other SIM card manufacturers were targeted, so privacy and security concerns can’t be dispelled. For example, the spy agency documents pointed to 300,000 keys stolen from a Somali carrier that isn’t a Gemalto customer. Indeed, that’s the case for four of the 12 carriers identified in the documents, Gemalto said.

Lovely. Clearly this story isn’t over and neither is the concern that this will generate.

Leave a comment »

SIM Cards Still Secure Despite Hack Says Gemalto

Posted in Commentary with tags , , , on February 23, 2015 by itnerd

Last week I brought you a story on UK and US intelligence types hacking into a company called Gemalto who makes among other things, SIM cards for mobile phone carriers, and gaining the ability to eavesdrop on millions of smartphone users because of the hack. Today, Gemalto came out with a statement that basically says that the SIM cards that they produce are still secure despite this hack:

Gemalto, the world leader in digital security, is devoting the necessary resources to investigate and understand the scope of such sophisticated techniques. Initial conclusions already indicate that Gemalto SIM products (as well as banking cards, passports and other products and platforms) are secure and the Company doesn’t expect to endure a significant financial prejudice.

The company does plan to hold a press conference to provide more details on this in Paris at 10:30 am on the 25th of February. We’ll see at that point how the company explains the fact that their SIM cards are secure despite this hack. Personally, I am dubious. But I’m willing to let them lay out their evidence to back up their case.

Leave a comment »

US & UK Spies Hack Into Maker Of SIM Cards To Spy On Mobile Phone Users

Posted in Commentary with tags , , , on February 20, 2015 by itnerd

This is something that potentially will keep you awake tonight. It has come to light that American and UK spies have hacked into a company called Gemalto in order to gain the ability to spy on smartphone users. Here’s some of the details from the BBC:

The Intercept says that “the great Sim heist” gave US and British surveillance agencies “the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data”.

It says that among the clients of the Netherlands-based company are AT&T, T-Mobile, Verizon, Sprint and “some 450 wireless network providers around the world”.

One other thing to consider. Gemalto also produces the ID chips used in modern passports. Thus the effects of this could go beyond the smartphone space. One thing to note is that when Gemalto produces SIM cards, they themselves set the encryption codes. Which means that if you get the encryption code or codes, you can cause a whole lot of damage. The chips used in passports are apparently blank when they’re delivered to the end customer. So they are less likely to be exploited because the end customers would set up their own encryption. At least in theory. These days you never know. Neither country has commented on this. Not that you would expect them to.

This came to light because of the gift that keeps on giving known as Edward Snowden. Love him or hate him, he is sure making intelligence agencies tremble in fear because of what he knows.

Leave a comment »

UK Government Wants To Monitor E-mails, Surfing, Mobile Phones Usage… Bye Bye Privacy

Posted in Commentary with tags , on October 16, 2008 by itnerd

Last time I checked this was 2008 and not 1984. But after reading The Communications Data Bill (2008), I’m not so sure. Basically this bill will lead to the creation of a single, centralized database containing records of all e-mails sent, websites visited and mobile phones used by UK citizens.

That in a nutshell means that any concept of privacy is gone. Of course we are talking about a nation that has CCTV everywhere, so its not as if they had much privacy to begin with. But it is kind of scary.

In any case, Home Secretary Jacqui Smith says that the cops need these sorts of powers:

“Our ability to intercept communications and obtain communications data is vital to fighting terrorism and combating serious crime, including child sex abuse, murder and drugs trafficking.”

That truly sounds like something out of 1984 to me. Perhaps we should call her “Big Sister?”

So in an IT Nerd first, I’ve posted a poll to see what you think (but that should not stop you from leaving a comment too).

1 Comment »

Newer Entries »