Juri Kaljudi wrote:
On Wed, 31 Jan 1996, Bill Stewart wrote:
providers don't. The GSM phones used in much of the world have encryption, but it's apparently not very strong.
As the A5 algorithm has so far not been publically disclosed, no one outside of the spook community really knows if has a backdoor or what computational effort might be involved in brute forcing it. One can certainly suppose that there was a lot of pressure to weaken it, but whether that was accomplished by installing trapdoors or simply by making special purpose hardware brute forcers simple, fast, and cheap is not known.
I would say GSM security is still better than nothing. The problem is of course that only tha radio link is encrypted, not the connection out into public telephone network.
I have seen news stories about some shady "spy-shop" type companies in England who are selling microwave receivers capable of intercepting and decoding the microwave backhaul links that connect most GSM cell sites to the mobile switching offices. Apparently even some supposedly secure GSM systems use unencrypted backhauls which can be relatively easily intercepted by someone with the right gear from places near enough the towers to have a line of sight view of them. Dave Emery die@die.com