Hi all, thanks for the detailed responses on this thread. I'm trying to understand how weak BGAN, Thuraya, Iridium encryption could be. For example one of them claims in its site that "Thuraya's integrated satellite communication solutions are rapidly deployable, employ the highest level of encryption, and are proven in meeting exacting security standards for use in the field." Beyond the ability that some may have to detect the location of a call/connection and log their calls, how true is that their encryption can protect the contents of the information transmitted? Is the risk the same for each voice/data/text? Is part of the solution to use encryption modules like http://www.shoghicom.com/thuraya-encryption.html? Thanks, Enrique

While this information is encrypted there seems to be some doubt as to the strength of that encryption. The US military complex did not have much faith in it and seems to have been able to bypass or crack the encryption to access the location information of Thuraya devices used by Iraqi Government officials[2]. While it is not clear exactly how this was achieved we do know that Thuraya devices were manufactured by Boeing and this fact may have contributed to an easy decryption route for US forces.

Thuraya is easy to monitor. It's not even expensive. There are commercial solutions and there are non-commercial projects that work with common hardware. Satellite communication networks are absolutely not secure to use without additional protection. If location anonymity is important, I highly advise against using satellite communications technology. Unless you've properly tampered with the device to falsify the location reporting, you're probably not as secure as you'd like... _______________________________________________ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE