The NSA Has Access to Your Cell Phone’s Encryption Key. And Everyone Else’s Too.


The surveillance state, it turns out, is even bigger and badder than we thought. Previously, the story from the NSA has been: yes, we have access to petabytes of telephone metadata (who you called, what time you called, etc.), but we don’t have routine access to your actual conversations. And this even made a kind of sense: telephone companies store bulk metadata and can make it available to the NSA. They don’t record phone conversations. Besides, on cell phones those conversations are encrypted anyway.

But guess what? That encryption depends on a key stored on the SIM card inside your cell phone. If you have access to the key, you can listen in to all the conversations you want.

You know what’s coming next, don’t you? Here is Jeremy Scahill at the Intercept:

American and British spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden. The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ.

….The company targeted by the intelligence agencies, Gemalto, is a multinational firm incorporated in the Netherlands that makes the chips used in mobile phones and next-generation credit cards. Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world.

….According to one secret GCHQ slide, the British intelligence agency penetrated Gemalto’s internal networks, planting malware on several computers, giving GCHQ secret access….Most significantly, GCHQ also penetrated “authentication servers,” allowing it to decrypt data and voice communications between a targeted individual’s phone and his or her telecom provider’s network. A note accompanying the slide asserted that the spy agency was “very happy with the data so far and [was] working through the vast quantity of product.”

The folks at Gemalto say they had no idea any of this had happened. Apparently it was a very stealthy hack indeed. As you might expect, there is much, much more at the link.

THE BIG QUESTION...

as we head into 2020 is whether politics and media will be a billionaires’ game, or a playing field where the rest of us have a shot. That's what Mother Jones CEO Monika Bauerlein tackles in her annual December column—"Billionaires Are Not the Answer"—about the state of journalism and our plans for the year ahead.

We can't afford to let independent reporting depend on the goodwill of the superrich: Please help Mother Jones build an alternative to oligarchy that is funded by and answerable to its readers. Please join us with a tax-deductible, year-end donation so we can keep going after the big stories without fear, favor, or false equivalency.

THE BIG QUESTION...

as we head into 2020 is whether politics and media will be a billionaires’ game, or a playing field where the rest of us have a shot.

Please read our annual column about the state of journalism and Mother Jones' plans for the year ahead, and help us build an alternative to oligarchy by supporting our people-powered journalism with a year-end gift today.

We Recommend

Latest

Sign up for our newsletters

Subscribe and we'll send Mother Jones straight to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate

We have a new comment system! We are now using Coral, from Vox Media, for comments on all new articles. We'd love your feedback.