
The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle

AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden. The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data. The company targeted by the intelligence agencies, Gemalto, is a multinational firm incorporated in the Netherlands that makes the chips used in mobile phones and next-generation credit cards. In all, Gemalto produces some 2 billion SIM cards a year. Its motto is “Security to be Free.”

https://firstlook.org/theintercept/2015/02/19/great-sim-heist/


With $15 in Radio Shack parts, 14-year-old hacks a car A teenager not even old enough to drive a car was able to wirelessly connect to a vehicle's internal computer network and control various functions. The 14-year-old built an electronic remote auto communications device with $15 worth of Radio Shack parts that were assembled in less than a night. Auto executives at a conference this week sponsored by the Center for Automotive Research revealed how stunned they were by the feat, which actually happened last summer, noting it shed light on the need for greater security as vehicles gain more wireless capabilities. The boy, whose name is not being released, was among 30 other students ranging in age from high school to college undergraduates to PhD students who participated in the third annual Battelle CyberAuto Challenge.

The Best Old-Fashioned Cocktail in New York For six weeks, the editors of New York Magazine and Grub Street are publishing a series of definitive lists that declare the absolute best versions of 101 things to eat, drink, and do. To help find New York City’s best old-fashioned, Grub Street turned to Robert Simonson, the author of The Old-Fashioned. (In other words, he wrote the book on the subject.)

David Cameron to close gap in oversight of mass surveillance David Cameron has moved to close a hole in the oversight of Britain’s intelligence agencies after it was revealed for the first time that they were creating “bulk personal datasets” containing millions of items of personal information, some of it gathered covertly without any statutory accountability. Some of the data appears to have been gathered from other government departments as well as commercial organisations. The disclosure came in a long-awaited 149-page report prepared by parliament’s intelligence and security committee (ISC) examining the oversight and capabilities of the UK intelligence agencies in the wake of the revelations of Edward Snowden, the former US National Security Agency (NSA) contractor. The inquiry found the laws governing the agencies’ activities – including mass surveillance – require a total overhaul to make them more transparent, comprehensible and capable of restoring trust in their work.

Tastic RFID Thief: Silent RFID Hacking - Bishop Fox You’re a professional. You’re equipped with the latest in elite, customized RFID hacking tools. So, it’s high time you put a silencer on your Tastic RFID Thief – the weaponized, long-range badge reader. We’ll show you how to avoid the embarrassingly loud beep when turning on your RFID badge stealer during your next physical penetration test.

Bernie Sanders Facing Pressure Over Supporters’ Actions in Nevada Raising the prospect of lasting fissures in the party, Senator rebuffed pressure on Tuesday to rein in his supporters after they disrupted a weekend Democratic convention in Nevada, throwing chairs and later threatening the state chairwoman in a fight over delegates. The uproar comes as is struggling to turn her and the party’s attention to the fall. Mr. Sanders’s supporters showed no sign of backing down on Tuesday. In interviews, several threatened to disrupt the party’s convention in Philadelphia in July with protests and nonviolent disobedience over a nominating system that they say has treated Mr.

Requests for user information – Google Transparency Report Like other technology and communications companies, Google regularly receives requests from governments and courts around the world to hand over user data. In this report, we disclose the number of requests we receive from each government in six-month periods with certain limitations. Usage of our services has increased every year, and so have the user data request numbers. We continue to look for new ways to organize information and provide more detail.

Why You Should Care About Software Defined Radio It hasn’t become a household term yet, but Software-Defined Radio (SDR) is a major player on the developing technology front. Whether you’re building products for mass consumption, or just playing around for fun, SDR is worth knowing something about and I’ll prove it to you. SDR Boils Down a Hard Problem First off let’s reconcile what is meant by “radio”. If it sends or receives via radio frequency it has a radio in it.

How Donald Trump Bankrupted His Atlantic City Casinos, but Still Earned Millions “T.H.C.R. is a casino and entertainment company,” the lawsuit, filed in 1999, said. “It is not in the business of loaning money. The company desperately needed (and needs) cash to shore up its deteriorating financial condition.” (The suit was dropped in 2000, shortly after Mr. Trump paid the company back.)

NSA broke privacy rules thousands of times per year, audit finds The National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad new powers in 2008, according to an internal audit and other top-secret documents. Most of the infractions involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by statute and executive order. They range from significant violations of law to typographical errors that resulted in unintended interception of U.S. e-mails and telephone calls.
