NSA/GCHQ Hacks SIM Card Database and Steals Billions of Keys
The Intercept has an extraordinary story: the NSA and/or GCHQ hacked into the Dutch SIM card manufacturer Gemalto, stealing the encryption keys for billions of cell phones. People are still trying to figure out exactly what this means, but it seems to mean that the intelligence agencies have access to both voice and data from all phones using those cards.
Me in The Register: “We always knew that they would occasionally steal SIM keys. But all of them? The odds that they just attacked this one firm are extraordinarily low and we know the NSA does like to steal keys where it can.”
I think this is one of the most important Snowden stories we’ve read.
Matthijs • February 20, 2015 8:39 AM
“Gemalto security for 113 nationalities, 3,000+ banks, 450 mobile networks, 80 e-gov programs”, pointed out by https://twitter.com/Cryptomeorg/status/568754045504131072 .
Gemalto partner list:
http://www.gemalto.com/companyinfo/partners/partners-list
It’s perfectly understandable that spies seek access to this booty, including for democratically justifiable objectives, but I do wonder to what extent these sorts of hacks suffice (or can even be expected to suffice) requirements of necessity, proportionality, subsidiarity.